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clearpass_policy_manager

Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.

MISC

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info

adobe -- ops-cli
Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization
of Untrusted Data vulnerability to achieve arbitrary code execution
when the checkout_repo function is called on a maliciously crafted
file. An attacker can leverage this to execute arbitrary code on the
victim machine.
2021-10-15
10
CVE-2021-40720
MISC

advantech -- webaccess
Advantech WebAccess versions 9.02 and prior are vulnerable to a
heap-based buffer overflow, which may allow an attacker to
remotely execute code.
2021-10-18
CVE-2021-33023
MISC

advantech -- webaccess
Advantech WebAccess versions 9.02 and prior are vulnerable to a
stack-based buffer overflow, which may allow an attacker to
remotely execute code.
2021-10-18
25
CVE-2021-38389
MISC

apple -- ipad_os
A memory corruption issue was addressed with improved memory
handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1
and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to
execute arbitrary code with kernel privileges. Apple is aware of a
report that this issue may have been actively exploited.
2021-10-19
9.3
MISC
MISC

apple -- ipados
A memory consumption issue was addressed with improved
memory handling. This issue is fixed in iOS 15 and iPadOS 15,
watchOS 8, tvOS 15. An application may be able to execute
arbitrary code with kernel privileges.
2.3
CVE-2021-30837
MISC
MISC
MISC

apple -- ipados
A memory corruption issue was addressed with improved memory
handling. This issue is fixed in iOS 15 and iPadOS 15. A malicious
application may be able to execute arbitrary code with system
privileges on devices with an Apple Neural Engine.
202171013
2.3
CVE-2021-30838
MISC

apple -- ipados
A logic issue was addressed with improved state management.
This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote
attacker may be able to cause arbitrary code execution.
2021-10-19
CVE-2021-30820
MISC

apple -- mac_os_x
A memory corruption issue was addressed with improved memory
handling. This issue is fixed in Security Update 2021-005 Catalina,
macOS Big Sur 11.6. A malicious application may be able to
execute arbitrary code with kernel privileges.
2021-10-19
93
MISC

apple -- mac_os_x
A race condition was addressed with additional validation. This
issue is fixed in Security Update 2021-005 Catalina. Mounting a
maliciously crafted NFS network share may lead to arbitrary code
execution with system privileges.
18
CVE-2020-29622
MISC

arubanetworks --
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
2021-10-15
9
CVE-2021-40998











https://content.govdelivery.com/accounts/USDHSCISA/bulletins/2f919b9

10/25/21, 1:59 PM

Vulnerability Summary for the Week of October 18, 2021

arubanetworks -- clearpass_policy_manager
A remote directory traversal vulnerability was discovered in Aruba
ClearPass Policy Manager version(s): ClearPass Policy Manager
6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to
6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
Aruba has released patches for ClearPass Policy Manager that
address this security vulnerability.
2021-10-15
CVE-2021-40988
MISC

arubanetworks -- clearpass_policy_manager
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40987
MISC

arubanetworks -- clearpass_policy_manager
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40986
MISC

arubanetworks -- clearpass_policy_manager
A remote authentication bypass vulnerability was discovered in
Aruba ClearPass Policy Manager version(s): ClearPass Policy
Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x
prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to
6.8.9-HF1. Aruba has released patches for ClearPass Policy
Manager that address this security vulnerability.
2021-10-15
CVE-2021-37736
MISC

arubanetworks -- clearpass_policy_manager
A local escalation of privilege vulnerability was discovered in
Aruba ClearPass Policy Manager version(s): ClearPass Policy
Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x
prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to
6.8.9-HF1. Aruba has released patches for ClearPass Policy
Manager that address this security vulnerability.
2021-10-15
CVE-2021-40989
MISC

arubanetworks -- clearpass_policy_manager
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-37739
MISC

evm_project -- evm
The evm crate is a pure Rust implementation of Ethereum Virtual
Machine. In `evm` crate `< 0.31.0`, JUMPI opcode's condition is
checked after the destination validity check. However, according
to Geth and OpenEthereum, the condition check should happen
before the destination validity check. This is a **high** severity
security advisory if you use `evm` crate for Ethereum mainnet. In
this case, you should update your library dependency immediately
to on or after `0.31.0`. This is a **low** severity security advisory if
you use `evm` crate in Frontier or in a standalone blockchain,
because there's no security exploit possible with this advisory. It is
**not** recommended to update to on or after `0.31.0` until all the
normal chain upgrade preparations have been done. If you use
Frontier or other `pallet-evm` based Substrate blockchain, please
ensure to update your `spec_version` before updating this. For
other blockchains, please make sure to follow a hard-fork process
before you update this.
2021-10-18
CVE-2021-41153
MISC
CONFIRM

fatek -- communication_server_firmware
FATEK Automation Communication Server Versions 1.13 and
prior lacks proper validation of user-supplied data, which could
result in a stack-based buffer overflow condition and allow an
attacker to remotely execute code.
2021-10-15
CVE-2021-38432
MISC

glasswire -- glasswire
A code injection vulnerability exists within the firewall software of
GlassWire v2.1.167 that could lead to arbitrary code execution
from a file in the user path on first execution.
2021-10-18
CVE-2021-22961
MISC

golang -- go
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow
via large arguments in a function invocation from a WASM
module, when GOARCH=wasm GOOS=js is used.
2021-10-18
CVE-2021-38297
CONFIRM
MISC

inhandnetworks -- ir615_firmware
InHand Networks IR615 Router's Versions 2.3.0.r4724 and
2.3.0.r4870 does not enforce an efficient password policy. This
may allow an attacker with obtained user credentials to enumerate
passwords and impersonate other application users and perform
operations on their behalf.
2021-10-19
CVE-2021-38462
MISC

inhandnetworks -- ir615_firmware
InHand Networks IR615 Router's Versions 2.3.0.r4724 and
2.3.0.r4870 do not have a filter or signature check to detect or
prevent an upload of malicious files to the server, which may allow
an attacker, acting as an administrator, to upload malicious files.
This could result in cross-site scripting, deletion of system files,
and remote code execution.
2021-10-19
CVE-2021-38484
MISC

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attacker could leverage this vulnerability to bypass mitigations
such as ASLR. Exploitation of this issue requires user interaction
in that a victim must open a malicious PDF file.

inhandnetworks -- ir615_firmware
InHand Networks IR615 Router's Versions 2.3.0.r4724 and
2.3.0.r4870 are vulnerable to cross-site request forgery when
unauthorized commands are submitted from a user the web
application trusts. This may allow an attacker to remotely perform
actions on the router’s management portal, such as making
configuration changes, changing administrator credentials, and
running system commands on the router.
2021-10-19
9.3
CVE-2021-38480
MISC

libmobi_project -- libmobi
libmobi is vulnerable to Out-of-bounds Read
2021-10-15
CVE-2021-3881
MISC
CONFIRM

libtpms_project -- libtpms
A flaw was found in the libtpms code that may cause access
beyond the boundary of internal buffers. The vulnerability is
triggered by specially-crafted TPM2 command packets that then
trigger the issue when the state of the TPM2's volatile state is
written. The highest threat from this vulnerability is to system
availability. This issue affects libtpms versions before 0.8.5, before
0.7.9 and before 0.6.6.
2021-10-19
CVE-2021-3746
MISC

linuxfoundation -- the_update_framework
python-tuf is a Python reference implementation of The Update
Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`),
there is a path traversal vulnerability that in the worst case can
overwrite files ending in `.json` anywhere on the client system on
a call to `get_one_valid_targetinfo()`. It occurs because the
rolename is used to form the filename, and may contain path
traversal characters (ie `../../name.json`). The impact is mitigated
by a few facts: It only affects implementations that allow arbitrary
rolename selection for delegated targets metadata. The attack
requires the ability to A) insert new metadata for the path-
traversing role and B) get the role delegated by an existing targets
metadata. The written file content is heavily restricted since it
needs to be a valid, signed targets file. The file extension is
always .json. A fix is available in version 0.19 or newer. There are
no workarounds that do not require code changes. Clients can
restrict the allowed character set for rolenames, or they can store
metadata in files named in a way that is not vulnerable: neither of
these approaches is possible without modifying python-tuf.
2021-10-19
88
CVE-2021-41131
MISC
CONFIRM
MISC

microco -- bluemonday
The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8
for Python (in pybluemonday), does not properly enforce policies
associated with the SELECT, STYLE, and OPTION elements.
2021-10-18
13
CVE-2021-42576
MISC

owasp -- java_html_sanitizer
The OWASP Java HTML Sanitizer before 20211018.1 does not
properly enforce policies associated with the SELECT, STYLE,
and OPTION elements.
2021-10-18
CVE-2021-42575
MISC

stanford -- corenlp
corenlp is vulnerable to Improper Restriction of XML External
Entity Reference
2021-10-15
75
MISC

teamiead -- pdf-light-viewer
The WordPress PDF Light Viewer Plugin WordPress plugin before
1.4.12 allows users with Author roles to execute arbitrary OS
command on the server via OS Command Injection when invoking
Ghostscript.
2021-10-19
CVE-2021-24684
MISC

vm2_project -- vm2
This affects the package vm2 before 3.9.4 via a Prototype
Pollution attack vector, which can lead to execution of arbitrary
code on the host machine.
2021-10-18
CVE-2021-23449
MISC
MISC
MISC
MISC

yealink -- device_management
Yealink Device Management (DM) 3.6.0.20 allows command
injection as root via the /sm/api/v1/firewall/zone/services URI,
without authentication.
2021-10-15
10
CVE-2021-27561
MISC

Medium Vulnerabilities 
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info

adobe -- acrobat_dc
Adobe Acrobat Reader DC version 21.007.20095 (and earlier),
21.007.20096 (and earlier), 20.004.30015 (and earlier), and
17.011.30202 (and earlier) is affected by an out-of-bounds read
vulnerability that could lead to disclosure of sensitive memory. An
2021-10-15
4.3
CVE-2021-40729
MISC
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may be able to read kernel memory.

MISC

adobe -- acrobat_dc
Adobe Acrobat Reader DC version 21.007.20095 (and earlier),
21.007.20096 (and earlier), 20.004.30015 (and earlier), and
17.011.30202 (and earlier) is affected by a use-after-free that
allows a remote attacker to disclose sensitive information on
affected installations of Adobe Acrobat Reader DC. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page or open a malicious file. The specific
flaw exists within the parsing of JPG2000 images.
43
CVE-2021-40730
MISC

adobe -- acrobat_dc
Adobe Acrobat Reader DC version 21.007.20095 (and earlier),
21.007.20096 (and earlier), 20.004.30015 (and earlier), and
17.011.30202 (and earlier) is affected by an out-of-bounds write
vulnerability when parsing a crafted JPEG2000 file, which could
result in arbitrary code execution in the context of the current user.
Exploitation of this issue requires user interaction in that a victim
must open a malicious file.
2021-10-15
6.8
CVE-2021-40731
MISC

adobe -- acrobat_dc
Adobe Acrobat Reader DC version 21.007.20095 (and earlier),
21.007.20096 (and earlier), 20.004.30015 (and earlier), and
17.011.30202 (and earlier) is affected by a use-after-free
vulnerability in the processing of the GetURL function on a global
object window that could result in arbitrary code execution in the
context of the current user. Exploitation of this issue requires user
interaction in that a victim must open a malicious file.
2021-10-15
6.8
CVE-2021-40728
MISC

adobe -- acrobat_reader
Acrobat Reader for Android versions 21.8.0 (and earlier) are
affected by a Path traversal vulnerability. An unauthenticated
attacker could leverage this vulnerability to achieve arbitrary code
execution in the context of the current user. Exploitation of this
issue requires user interaction in that a victim must open a
malicious file.
2021-10-19
6.8
CVE-2021-40724
MISC

adobe -- commerce
Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and
earlier) and 2.3.7p1 (and earlier) are affected by a cross-site
request forgery (CSRF) vulnerability via a Wishlist Share Link.
Successful exploitation could lead to unauthorized addition to
customer cart by an unauthenticated attacker. Access to the
admin console is not required for successful exploitation.
2021-10-19
4.3
CVE-2021-39864
MISC

advantech -- webaccess_scada
An authenticated user using Advantech WebAccess SCADA in
versions 9.0.3 and prior can use API functions to disclose project
names and paths from other users.
2021-10-15
4
CVE-2021-38431
MISC

apache -- superset
Apache Superset up to and including 1.3.0 when configured with
ENABLE_TEMPLATE_PROCESSING on (disabled by default)
allowed SQL injection when a malicious authenticated user sends
an http request with a custom URL.
2021-10-18
6
CVE-2021-41971
MISC

apple -- ipados
This issue was addressed with improved checks. This issue is
fixed in iOS 15 and iPadOS 15. A local attacker may be able to
cause unexpected application termination or arbitrary code
execution.
2021-1013
46
CVE-2021-30825
MISC

apple -- ipados
An out-of-bounds read was addressed with improved input
validation. This issue is fixed in iOS 15 and iPadOS 15.
Processing a maliciously crafted USD file may disclose memory
contents.
4.3
CVE-2021-30819
MISC

apple -- ipados
A logic issue was addressed with improved state management.
This issue is fixed in iOS 15 and iPadOS 15. In certain situations,
the baseband would fail to enable integrity and ciphering
protection.
5
CVE-2021-30826
MISC

apple -- mac_os_x
A memory corruption issue was addressed with improved state
management. This issue is fixed in Security Update 2021-005
Catalina, macOS Big Sur 11.6. A local attacker may be able to
elevate their privileges.
2021-10-19
46
MISC

apple -- mac_os_x
A permissions issue existed. This issue was addressed with
improved permission validation. This issue is fixed in Security
Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker
may be able to elevate their privileges.
2021-10-19
46

apple -- mac_os_x
This issue was addressed with improved checks. This issue is
fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6.
A local user may be able to read arbitrary files as root.
2021-10-19
4.9
CVE-2021-30828
MISC
MISC

apple -- mac_os_x
A URI parsing issue was addressed with improved parsing. This
issue is fixed in Security Update 2021-005 Catalina, macOS Big
Sur 11.6. A local user may be able to execute arbitrary files.
2021-10-19
4.6
CVE-2021-30829
MISC
MISC

apple -- mac_os_x
A logic issue was addressed with improved state management.
This issue is fixed in Security Update 2021-005 Catalina, macOS
Big Sur 11.6. A remote attacker may be able to leak memory.
2021-10-19
5
CVE-2021-30844
MISC
MISC

apple -- macos
An out-of-bounds read was addressed with improved bounds
checking. This issue is fixed in macOS Big Sur 11.6. A local user
2021-10-19

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apple -- safari
A memory corruption issue was addressed with improved memory
handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari
15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing
maliciously crafted web content may lead to arbitrary code
execution.
2021-10-19
CVE-2021-30846
MISC
MISC
MISC
MISC
MISC

arubanetworks -- clearpass_policy_manager
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40994
MISC

arubanetworks -- clearpass_policy_manager
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40999
MISC

arubanetworks -- clearpass_policy_manager
A remote arbitrary command execution vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40995
MISC

arubanetworks -- clearpass_policy_manager
A remote authentication bypass vulnerability was discovered in
Aruba ClearPass Policy Manager version(s): ClearPass Policy
Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x
prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to
6.8.9-HF1. Aruba has released patches for ClearPass Policy
Manager that address this security vulnerability.
2021-10-15
CVE-2021-40997
MISC

arubanetworks -- clearpass_policy_manager
A remote SQL injection vulnerability was discovered in Aruba
ClearPass Policy Manager version(s): ClearPass Policy Manager
6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to
6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
Aruba has released patches for ClearPass Policy Manager that
address this security vulnerability.
2021-10-15
CVE-2021-40992
MISC

arubanetworks -- clearpass_policy_manager
A remote disclosure of sensitive information vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40991
MISC

arubanetworks -- clearpass_policy_manager
A remote SQL injection vulnerability was discovered in Aruba
ClearPass Policy Manager version(s): ClearPass Policy Manager
6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to
6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
Aruba has released patches for ClearPass Policy Manager that
address this security vulnerability.
2021-10-15
CVE-2021-40993
MISC

arubanetworks -- clearpass_policy_manager
A remote SQL injection vulnerability was discovered in Aruba
ClearPass Policy Manager version(s): ClearPass Policy Manager
6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to
6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
Aruba has released patches for ClearPass Policy Manager that
address this security vulnerability.
2021-10-15
CVE-2021-37737
MISC

arubanetworks -- clearpass_policy_manager
A remote disclosure of sensitive information vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-40990
MISC

arubanetworks -- clearpass_policy_manager
A remote disclosure of sensitive information vulnerability was
discovered in Aruba ClearPass Policy Manager version(s):
ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass
Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy
Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for
ClearPass Policy Manager that address this security vulnerability.
2021-10-15
CVE-2021-37738
MISC

arubanetworks -- clearpass_policy_manager
A remote authentication bypass vulnerability was discovered in
Aruba ClearPass Policy Manager version(s): ClearPass Policy
Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x
prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to
6.8.9-HF1. Aruba has released patches for ClearPass Policy
Manager that address this security vulnerability.
2021-10-15
CVE-2021-40996
MISC

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to read unauthorized information.

asus -- ux582Ir_firmware
ASUSTek ZenBook Pro Duo 15 UX582 laptop firmware through
203 has Insecure Permissions that allow attacks by a physically
proximate attacker.
2021-10-18
4.6
CVE-2021-42055
MISC

bestpractical -- request_tracker
Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before
4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure
via a timing attack against lib/RT/REST2/Middleware/Auth.pm.
2021-10-18
5
CVE-2021-38562
MISC
CONFIRM

bludit -- bludit
Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via
the username in admin/login.
2021-10-19
43
CVE-2021-35323
MISC

bookstackapp -- bookstack
bookstack is vulnerable to Improper Limitation of a Pathname to a
Restricted Directory (‘Path Traversal’)
2021-10-15
4
CONFIRM

checkpoint -- mobile_access_portal_agent
Mobile Access Portal Native Applications whose path is defined by
the administrator with environment variables may run applications
from other locations by the Mobile Access Portal Agent.
2021-10-19
6
CVE-2021-30358
MISC
MISC

combodo -- itop
iTop is an open source web based IT Service Management tool. In
affected versions an attacker can call the system setup without
authentication. Given specific parameters this can lead to SSRF.
This issue has been resolved in versions 2.6.5 and 2.7.5 and later
2021-10-19
8
CVE-2021-32663
CONFIRM
MISC
MISC

contiki-ng -- contiki-ng
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and
earlier allows an attacker to cause a denial of service and
potentially disclose information via crafted SNMP packets to
snmp_ber_decode_string_len_buffer in
os/net/app-layer/snmp/snmp-ber.c.
2021-10-19
6.4
CVE-2020-12141
MISC
MISC
MISC

devolutions -- remote_desktop_manager
An incomplete permission check on entries in Devolutions Remote
Desktop Manager before 2021.2.16 allows attackers to bypass
permissions via batch custom PowerShell.
2021-10-18
6.5
CVE-2021-42098
MISC
CONFIRM

discourse -- discourse_reactions
Discourse-reactions is a plugin for the Discourse platform that
allows user to add their reactions to the post. In affected versions
reactions given by user to secure topics and private messages are
visible. This issue is patched in version 0.2 of discourse-reaction.
Users who are unable to update are advised to disable the
Discourse-reactions plugin in admin panel.
2021-10-19
5
CVE-2021-41140
MISC
CONFIRM

enalean -- tuleap
Tuleap is a Free & Open Source Suite to improve management of
software developments and collaboration. In affected versions
Tuleap does not sanitize properly user inputs when constructing
the SQL query to browse and search revisions in the CVS
repositories. The following versions contain the fix: Tuleap
Community Edition 11.17.99.146, Tuleap Enterprise Edition 11.17-
5, Tuleap Enterprise Edition 11.16-7.
2021-10-18
6.5
CVE-2021-41155
MISC
MISC
MISC
CONFIRM

enalean -- tuleap
Tuleap is a Free & Open Source Suite to improve management of
software developments and collaboration. In affected versions an
attacker with read access to a "SVN core" repository could
execute arbitrary SQL queries. The following versions contain the
fix: Tuleap Community Edition 11.17.99.144, Tuleap Enterprise
Edition 11.17-5, Tuleap Enterprise Edition 11.16-7.
2021-10-18
65
MISC
CONFIRM
MISC

enalean -- tuleap
Tuleap Open ALM is a libre and open source tool for end to end
traceability of application and system developments. Prior to
version 11.16.99.173 of Community Edition and versions 11.16-6
and 11.15-8 of Enterprise Edition, an attacker with the ability to
add one the CI widget to its personal dashboard could execute
arbitrary SQL queries. Tuleap Community Edition 11.16.99.173,
Tuleap Enterprise Edition 11.16-6, and Tuleap Enterprise Edition
11.15-8 contain a patch for this issue.
2021-10-15
65
MISC
CONFIRM
MISC

enalean -- tuleap
Tuleap Open ALM is a libre and open source tool for end to end
traceability of application and system developments. Prior to
version 11.16.99.173 of Community Edition and versions 11.16-6
and 11.15-8 of Enterprise Edition, an attacker with admin rights in
one agile dashboard service can execute arbitrary SQL queries.
Tuleap Community Edition 11.16.99.173, Tuleap Enterprise
Edition 11.16-6, and Tuleap Enterprise Edition 11.15-8 contain a
patch for this issue.
2021-10-15
65
CONFIRM
MISC
MISC

fatek -- winproladder
A use after free vulnerability in FATEK Automation WinProladder
versions 3.30 and prior may be exploited when a valid user opens
a malformed project file, which may allow arbitrary code
execution.
6.8
CVE-2021-38438
MISC

fatek -- winproladder
FATEK Automation WinProladder versions 3.30 and prior lacks proper
validation of user-supplied data when parsing project files, which
could result in a stack-based buffer overflow. An attacker could
leverage this vulnerability to execute arbitrary code.
2021-10-18
5.8
CVE-2021-38430
MISC

fatek -- winproladder
FATEK Automation WinProladder versions 3.30 and prior is
vulnerable to an out-of-bounds read, which may allow an attacker
2021-10-18
4.3
CVE-2021-38440
MISC
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easytest_online_learning_test_platfo
attackers can access other users’ and administrator’s account
information except password by crafting URL parameters.

CONFIRM

FATEK Automation WinProladder versions 3.30 and prior lacks 
proper validation of user-supplied data when parsing project files, CVE-2021-38442 
fatek -- winproladder which could result in a heap-corruption condition. An attacker 2021-10-18 6.8 Msc 
could leverage this vulnerability to execute code in the context of ———— 
the current process. 
FATEK Automation WinProladder versions 3.30 and prior lacks 
proper validation of user-supplied data when parsing project files, CVE-2021-38436 
fatek -- winproladder which could result in a memory-corruption condition. An attacker 2021-10-18 6.8 Msc 
could leverage this vulnerability to execute arbitrary code in the es 
context of the current process. 
FATEK Automation WinProladder versions 3.30 and prior lacks 
; proper validation of user-supplied data when parsing project files, CVE-2021-38426 
fatek==winproladder which could result in an out-of-bounds write. An attacker could ei 6.8 MISC 
leverage this vulnerability to execute arbitrary code. 
FATEK Automation WinProladder versions 3.30 and prior lacks 
<a proper validation of user-supplied data when parsing project files, 40. CVE-2021-38434 
raek winproladden which could result in an unexpected sign extension. An attacker ADAN LOTE £8 MISC 
could leverage this vulnerability to execute arbitrary code. 
; : The Find My Blocks WordPress plugin before 3.4.0 does not have 
Lili eit cae authorisation checks in its REST API, which could allow 2021-10-18 ¢ ioo = 
-MY unauthenticated users to enumerate private posts' titles. e 
, p , Hau CVE-2021-3846 
firefly-iii -- firefly_iii firefly-iii is vulnerable to Unrestricted Upload of File with 2021-10-19 6.5 CONFIRM 
Dangerous Type Msc 
CVE-2021-3851 
firefly-iii -- firefly_iii firefly-iii is vulnerable to URL Redirection to Untrusted Site 2021-10-19 4.9 MISC 
CONFIRM 
frentix -- openolat | OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on the target system. The attack could be used to read any file accessible in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account or the enabled guest user feature together with the usage of the folder component in a course. The attack does not allow writing of arbitrary files, it allows only reading of files and also only reading of files for which the attacker knows the exact path, which is very unlikely at least for OpenOlat data files. The problem is fixed in version 15.5.8 and 16.0.1. It is advised to upgrade to version 16.0.x. There are no known workarounds to fix this problem, an upgrade is necessary. | 2021-10-18 | 4 | CONFIRM MISC
gamepress_project -- gamepress | The GamePress WordPress plugin through 1.1.0 does not escape the op_edit POST parameter before outputting it back in multiple game Option pages, leading to Reflected Cross-Site Scripting issues | 2021-10-18 | 4.3 | CVE-2021-24617 MISC
gonitro -- nitro_pro | An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability. | 2021-10-18 | 6.8 | CVE-2021-21797 MISC
gonitro -- nitro_pro | An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroyed and then later reused, resulting in a use-after-free vulnerability, which can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability. | 2021-10-18 | 6.8 | CVE-2021-21796 MISC
hpe -- superdome_flex_firmware | A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS) because the Session Cookie is missing an HttpOnly Attribute. HPE has provided a firmware update to resolve the vulnerability in HPE Superdome Flex Servers. | | 4.3 | CVE-2021-26589 MISC
huaju -- | The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote | 2021-10-15 | 4 | CVE-2021-42336
Javascript by Inserting code in the request form.
huaju -- easytest_online_learning_test_platfo | The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions. | 2021-10-15 | 6.5 | CVE-2021-42333 CONFIRM
huaju -- easytest_online_learning_test_platfo | The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain all database and administrator permissions. | 2021-10-15 | 6.5 | CVE-2021-42334 CONFIRM
ibm -- cognos_analytics | IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizing user-controlled input that could be interpreted as a server-side include (SSI) directive. IBM X-Force ID: 199915. | 2021-10-15 | 6.5 | XF
ibm -- cognos_analytics | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to privilege escalation where a lower level user could have access to the 'New Job' page to which they should not have access. IBM X-Force ID: 201695. | 2021-10-15 | 6.5 | CVE-2021-29745 XF CONFIRM
ibm -- security_risk_manager_on_cp4s | IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by an authenticated privileged user. IBM X-Force ID: 209940. | 2021-10-19 | 4 | CVE-2021-38911 XF CONFIRM
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have no account lockout policy configured for the login page of the product. This may allow an attacker to execute a brute-force password attack with no time limitation and without harming the normal operation of the user. This could allow an attacker to gain valid credentials for the product interface. | | 5 | CVE-2021-38474 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session. | 2021-10-19 | 5.8 | CVE-2021-38464 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device. | | 6.5 | CVE-2021-38470 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router’s management portal and could lure the administrator to perform changes. | | 4.3 | CVE-2021-38472 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not perform sufficient input validation on client requests from the help page. This may allow an attacker to perform a reflected cross-site scripting attack, which could allow an attacker to run code on behalf of the client browser. | 2021-10-19 | 4.3 | CVE-2021-38466 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product without any requirements to create an account, which may allow an attacker to have full control over the product and execute code within the internal network to which the product is connected. | 2021-10-19 | 6 | CVE-2021-38486 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a username. This may allow an attacker to enumerate different user accounts. | 2021-10-19 | | CVE-2021-38476 MISC
linuxfoundation -- backstage | Backstage is an open platform for building developer portals. In affected versions a malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a github:publish:pull-request action and a particular source path. When the template is executed the sensitive files would be included in the published pull request. This vulnerability is mitigated by the fact that an attacker would need access to create and register templates in the Backstage catalog, and that the attack is very visible given that the exfiltration happens via a pull request. The vulnerability is patched in the `0.15.9` release of `@backstage/plugin-scaffolder-backend`. | 2021-10-18 | 4 | CVE-2021-41151 CONFIRM MISC
mainwp -- mainwp_child_reports | The MainWP Child Reports WordPress plugin before 2.0.8 does not validate or sanitise the order parameter before using it in a SQL statement in the admin dashboard, leading to an SQL injection issue | | | CVE-2021-24754 MISC
microweber -- microweber | Cross Site Scripting (XSS) vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute | 2021-10-19 | 4.3 | CVE-2021-33988 MISC
stb_image.h in stb 2.26 via a crafted JPEG file.
mitsubishielectric -- smartrtu_firmware | Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php. | 2021-10-15 | 4.3 | MISC
mitsubishielectric -- smartrtu_firmware | Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI. | 2021-10-15 | 5 | CVE-2018-16060 MISC MISC
myfactory -- fms | myfactory.FMS before 7.1-912 allows XSS via the UID parameter. | 2021-10-18 | 4.3 |
myfactory -- fms | myfactory.FMS before 7.1-912 allows XSS via the Error | 2021-10-18 | 4.3 |
netty -- netty | The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. | 2021-10-19 | | CVE-2021-37137 MISC
netty -- netty | The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack | 2021-10-19 | 5 | CVE-2021-37136 MISC
omron -- cx-supervisor | Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files. | 2021-10-19 | 6 | MISC
onedesigns -- one_user_avatar | The One User Avatar WordPress plugin before 2.3.7 does not check for CSRF when updating the Avatar in page where the [avatar_upload] shortcode is embed. As a result, attackers could make logged in user change their avatar via a CSRF attack | | 4.3 | CVE-2021-24675 MISC
otrs -- otrs | Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it could be moved to the queue where the agent has "rw" permissions and gain a full control. This issue affects: OTRS AG OTRS 8.0.x version: 8.0.16 and prior versions. | 2021-10-18 | 4 | CVE-2021-36097 CONFIRM
portainer -- portainer | Cross Site Scripting (XSS) vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates. | 2021-10-18 | 4.3 | MISC
rocket.chat -- rocket.chat | A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks. | | 4.3 | CVE-2020-8291 MISC
rubyonrails -- rails | A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. | 2021-10-19 | 4.3 | CVE-2011-1497 MISC MISC
rubyonrails -- rails | A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website. | 2021-10-18 | 5.8 | CVE-2021-22942 MISC
scroll_banner_project -- scroll_banner | The Scroll Baner WordPress plugin through 1.0 does not have CSRF check in place when saving its settings, nor perform any sanitisation, escaping or validation on them. This could allow attackers to make logged in admin change them and could lead to RCE (via a file upload) as well as XSS | 2021-10-18 | 4.3 | CVE-2021-24642 MISC
signalwire -- freeswitch | An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch before 1.10.6, may allow attackers to view sensitive information due to an uninitialized value. | 2021-10-18 | 5 | MISC CONFIRM
snipeitapp -- snipe-it | snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 2021-10-19 | 6.8 | CVE-2021-3858 CONFIRM MISC
snipeitapp -- snipe-it | snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting’) | | | CVE-2021-3863
squid-cache -- squid | An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indication of trust may be passed along to clients, allowing access to unsafe or hijacked services. | 2021-10-18 | 5 | CVE-2021-41611 MISC CONFIRM
stanford -- corenlp | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | 2021-10-19 | 5 | CVE-2021-3869 MISC CONFIRM
stb_project -- stb | Buffer overflow vulnerability in function stbi__extend_receive in | 2021-10-15 | 6.8 | CVE-2021-28021
strongswan -- strongswan | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur. | 2021-10-18 | 5 | CONFIRM DEBIAN
strongswan -- strongswan | The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. | 2021-10-18 | 5 | CVE-2021-41991 CONFIRM MISC DEBIAN MLIST
tipsandtricks-hq -- compact_wp_audio_player | The Compact WP Audio Player WordPress plugin before 1.9.7 does not implement nonce checks, which could allow attackers to make a logged in admin change the "Disable Simultaneous Play" setting via a CSRF attack. | 2021-10-18 | 4.3 | CVE-2021-24735 MISC
vim -- vim | vim is vulnerable to Heap-based Buffer Overflow | 2021-10-15 | 4.3 | CVE-2021-3875 FEDORA
vim -- vim | vim is vulnerable to Heap-based Buffer Overflow | 2021-10-19 | 4.6 | CVE-2021-3872 FEDORA
wechat_reward_project -- wechat_reward | The Wechat Reward WordPress plugin through 1.7 does not sanitise or escape its QR settings, nor has any CSRF check in place, allowing attackers to make a logged in admin change the settings and perform Cross-Site Scripting attacks. | 2021-10-18 | 4.3 | CVE-2021-24615 MISC
wp_cookie_choice_project -- wp_cookie_choice | The Wp Cookie Choice WordPress plugin through 1.1.0 is lacking any CSRF check when saving its options, and do not escape them when outputting them in attributes. As a result, an attacker could make a logged in admin change them to arbitrary values including XSS payloads via a CSRF attack. | 2021-10-18 | 4.3 | MISC
xinheinformation -- xinhe_teaching_platform_system | The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. After logging in with user’s privilege, remote attackers can access and edit other users’ tutorial schedule by crafting URL parameters. | 2021-10-15 | 5.5 | CVE-2021-42331 CONFIRM
xinheinformation -- xinhe_teaching_platform_system | The “List View” function of ShinHer StudyOnline System is not under authority control. After logging in with user’s privilege, remote attackers can access the content of other users’ message boards by crafting URL parameters. | 2021-10-15 | 4 | CVE-2021-42332 CONFIRM
xinheinformation -- xinhe_teaching_platform_system | The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters. | 2021-10-15 | 5.5 | CVE-2021-42330 CONFIRM
Low Vulnerabilities 
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
adobe -- connect | Adobe Connect version 11.2.2 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | 2021-10-15 | 3.5 | CVE-2021-40721 MISC
alkacon -- opencms | In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field. | 2021-10-19 | 3.5 | CVE-2021-25968 MISC MISC
apache -- superset | Apache Superset up to and including 1.1 does not sanitize titles correctly on the Explore page. This allows an attacker with Explore access to save a chart with a malicious title, injecting html (including scripts) into the page. | 2021-10-18 | 3.8 | CVE-2021-32609 MISC
apple -- ipados | An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup. | 2021-10-19 | 2.9 | MISC MISC
https://content.govdelivery.com/accounts/USDHSCISA/bulletins/2919b9
10/25/21, 1:59 PM
Vulnerability Summary for the Week of October 18, 2021
which could allow users with a role as low as Contributor to
apple -- ipados | A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to view contacts from the lock screen. | 2021-10-19 | 2.1 | CVE-2021-30815 MISC
apple -- ipados | This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information. | 2021-10-19 | | CVE-2021-30811 MISC MISC
author_bio_box_project -- author_bio_box | The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-author-bio-box-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 3.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | | CVE-2021-39349 MISC MISC MISC
bplugins -- easy_twitter_feed | The Easy Twitter Feed WordPress plugin before 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | 2021-10-18 | | CVE-2021-24413 MISC
bplugins -- html5_audio_player | The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | 2021-10-18 | 3.5 | CVE-2021-24412 MISC
bplugins -- polo_video_gallery | The Polo Video Gallery – Best wordpress video gallery plugin WordPress plugin through 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | 2021-10-18 | | CVE-2021-24415 MISC
bplugins -- streamcast_radio_player | The StreamCast – Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | 2021-10-18 | 3.5 | CVE-2021-24416 MISC
catchplugins -- catch_scroll_progress_bar | Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the Essential Widgets WordPress plugin before 1.9, To Top WordPress plugin before 2.3, Header Enhancement WordPress plugin before 1.5, Generate Child Theme WordPress plugin before 1.6, Essential Content Types WordPress plugin before 1.9, Catch Web Tools WordPress plugin before 2.7, Catch Under Construction WordPress plugin before 1.4, Catch Themes Demo Import WordPress plugin before 1.6, Catch Sticky Menu WordPress plugin before 1.7, Catch Scroll Progress Bar WordPress plugin before 1.6, Social Gallery and Widget WordPress plugin before 2.3, Catch Infinite Scroll WordPress plugin before 1.9, Catch Import Export WordPress plugin before 1.9, Catch Gallery WordPress plugin before 1.7, Catch Duplicate Switcher WordPress plugin before 1.6, Catch Breadcrumb WordPress plugin before 1.7, Catch IDs WordPress plugin before 2.4's configurations. | 2021-10-18 | 3.5 | CVE-2021-24752 MISC
clusterlabs -- cluster_glue | stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer. | 2021-10-18 | | CVE-2010-2496 MISC
cnrs -- hal | The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/wp-hal.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.1.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | | MISC MISC
combodo -- itop | Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on "run query" page when logged as administrator. This has been resolved in versions 2.6.5 and 2.7.5. | 2021-10-19 | 3.5 | MISC MISC MISC
dearhive -- dearflip | The PDF Flipbook, 3D Flipbook WordPress – DearFlip WordPress plugin before 1.7.10 does not escape the class attribute of its shortcode before outputting it back in an attribute, | 2021-10-18 | 3.5 | CVE-2021-24732
emarketdesign -- customer_service_software_&_support_ticket_system | The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2021-10-18 | | CVE-2021-24622 MISC
huaju -- easytest_online_learning_test_platfo | Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack. | 2021-10-15 | | CVE-2021-42335 CONFIRM
ibm -- business_automation_workflow | IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 206581. | 2021-10-18 | 3.5 | CVE-2021-29878 XF CONFIRM
ibm -- cognos_analytics | IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information. | 2021-10-15 | | CVE-2020-4951 CONFIRM XF
ibm -- security_risk_manager_on_cp4s | IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828. | 2021-10-19 | | CVE-2021-29912 XF CONFIRM
icegram -- icegram | WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin — Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input. | 2021-10-19 | 3.5 | CVE-2021-36832 CONFIRM MISC
indeed-job-importer_project -- indeed-job-importer | The Indeed Job Importer WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/indeed-job-importer/trunk/indeed-job-importer.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-19 | 3.5 | CVE-2021-39355 MISC MISC MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker to hijack sessions of users connected to the system. | 2021-10-19 | | CVE-2021-38468 MISC
inhandnetworks -- ir615_firmware | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 website used to control the router is vulnerable to stored cross-site scripting, which may allow an attacker to hijack sessions of users connected to the system. | 2021-10-19 | | CVE-2021-38482 MISC
iongroup -- wallstreet_suite | A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user. | 2021-10-15 | | CVE-2021-41320 MISC MISC
job-portal_project -- job-portal | The job-portal WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/jobs_function.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 0.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | | CVE-2021-39337 MISC MISC MISC
kajoom -- kjm_admin_notices | The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | | CVE-2021-39344 MISC MISC MISC
linksoftwarellc -- business_manager | The Business Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found throughout the plugin which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.4.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | | CVE-2021-39332 MISC
mpl-publisher_project -- mpl-publisher | The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.30.2. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-19 | | CVE-2021-39343 MISC MISC MISC
mybb_cross-poster_project -- mybb_cross-poster | The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | 2.1 | CVE-2021-39338 MISC MISC MISC

netapp -- clustered_data_ontap | Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. | 2021-10-19 | | CVE-2021-27001 MISC
onedesigns -- one_user_avatar | The One User Avatar WordPress plugin before 2.3.7 does not escape the link and target attributes of its shortcode, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | 2021-10-18 | | CVE-2021-24672 MISC
pdf_viewer_block_for_gutenberg_project -- pdf_viewer_block_for_gutenberg | The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. | 2021-10-18 | | CVE-2021-24760 MISC
perceptionsystem -- job_board_vanila | The Job Board Vanila WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the psjb_exp_in and the psjb_curr_in parameters found in the ~/job-settings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-15 | | CVE-2021-39334 MISC MISC MISC
planso -- planso_forms | The PlanSo Forms WordPress plugin through 2.6.3 does not escape the title of its Form before outputting it in attributes, allowing high privilege users such as admin to set XSS payload in it, even when the unfiltered_html is disallowed, leading to an Authenticated Stored Cross-Site Scripting issue. | 2021-10-18 | | CVE-2021-24516 MISC
secondlinethemes -- 
podcast_subscribe_buttons 


The Podcast Subscribe Buttons WordPress plugin before 1.4.2 


allows users with any role capable of editing or adding posts to 
perform stored XSS. 


2021-10-18 


CVE-2021-24743 


MISC 





snipeitapp -- snipe-it 


snipe-it is vulnerable to Improper Neutralization of Input During
Web Page Generation ('Cross-site Scripting')


2021-10-19 


CVE-2021-3879 


MISC 
CONFIRM 





sociable_project -- sociable 


The Sociable WordPress plugin through 4.3.4.1 does not sanitise
or escape some of its settings before outputting them in the
admins dashboard, allowing high privilege users to perform
Cross-Site Scripting attacks against other users even when the
unfiltered_html capability is disallowed


2021-10-18 


CVE-2021-24612 
MISC 





tammersoft -- shared_files

The Easy Download Manager and File Sharing Plugin with
frontend file upload – a better Media Library — Shared Files
WordPress plugin before 1.6.57 does not sanitise and escape
some of its settings before outputting them in attributes, which
could lead to Stored Cross-Site Scripting issues.


2021-10-18 


CVE-2021-24736 
MISC 





themeum -- tutor_lms

The Tutor LMS WordPress plugin before 1.9.9 does not escape
some of its settings before outputting them in attributes, which
could allow high privilege users to perform Cross-Site Scripting
attacks even when the unfiltered_html capability is disallowed.

2021-10-18

CVE-2021-24740
MISC








thimpress -- learnpress

The LearnPress WordPress plugin before 4.1.3.1 does not
properly sanitize or escape various inputs within course settings,
which could allow high privilege users to perform Cross-Site
Scripting attacks when the unfiltered_html capability is disallowed

2021-10-18

CVE-2021-24702
MISC





timetracker_project -- timetracker 


anuko/timetracker is an open source time tracking system. In
affected versions Time Tracker uses browser_today hidden control
on a few pages to collect today's date from user browsers.
Because of not checking this parameter for sanity in versions prior 
to 1.19.30.5601, it was possible to craft an html form with 
malicious JavaScript, use social engineering to convince logged 
on users to execute a POST from such form, and have the 
attacker-supplied JavaScript to be executed in user's browser. 
This has been patched in version 1.19.30.5600. Upgrade is 
recommended. If it is not practical, introduce 
ttValidDbDateFormatDate function as in the latest version and add 
a call to it within the access checks block. 


2021-10-18 


CVE-2021-41156 
CONFIRM 








tipsandtricks-hq -- compact_wp_audio_player

The Compact WP Audio Player WordPress plugin before 1.9.7
does not escape some of its shortcodes attributes, which could
allow users with a role as low as Contributor to perform Stored
Cross-Site Scripting attacks.

2021-10-18

CVE-2021-24734
MISC

ultimatemember -- jobboardwp

The JobBoardWP WordPress plugin is vulnerable to Stored
Cross-Site Scripting due to insufficient input validation and
sanitization via several parameters found in the
~/includes/admin/class-metabox.php file which allowed attackers
with administrative user access to inject arbitrary web scripts, in
versions up to and including 1.0.7. This affects multi-site
installations where unfiltered_html is disabled for administrators,
and sites where unfiltered_html is disabled.

2021-10-19

CVE-2021-39329
MISC
MISC
MISC








wp-jobmanager -- job_manager

The Job Manager WordPress plugin is vulnerable to Stored
Cross-Site Scripting due to insufficient input validation and
sanitization via several parameters found in the ~/admin-jobs.php
file which allowed attackers with administrative user access to
inject arbitrary web scripts, in versions up to and including 0.7.25.
This affects multi-site installations where unfiltered_html is
disabled for administrators, and sites where unfiltered_html is
disabled.

2021-10-19

CVE-2021-39336
MISC
MISC
MISC

wpgenious -- wpgenius_job_listing

The WpGenius Job Listing WordPress plugin is vulnerable to
Stored Cross-Site Scripting due to insufficient input validation and
sanitization via several parameters found in the
~/src/admin/class/class-wpgenious-job-listing-options.php file
which allowed attackers with administrative user access to inject
arbitrary web scripts, in versions up to and including 1.0.2. This
affects multi-site installations where unfiltered_html is disabled for
administrators, and sites where unfiltered_html is disabled.

CVE-2021-39335
MISC
MISC
MISC

xinheinformation -- xinhe_teaching_platform_system

The “List_Add” function of message board of ShinHer StudyOnline
System does not filter special characters in the title parameter.
After logging in with user’s privilege, remote attackers can inject
JavaScript and execute stored XSS attacks.

2021-10-15

CVE-2021-42329
CONFIRM

Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
auvesy -- versiondog

A specific function code receives a raw pointer supplied by the
user and deallocates this pointer. The user can then control what
memory regions will be freed and cause use-after-free condition.

2021-10-22

not yet calculated

CVE-2021-38467
CONFIRM

adobe -- connect

Adobe Connect version 11.2.2 (and earlier) is affected by a
Deserialization of Untrusted Data vulnerability to achieve arbitrary
method invocation when AMF messages are deserialized on an
Adobe Connect server. An attacker can leverage this to execute
remote code execution on the server.

2021-10-21

ancom -- wlan_controllers

ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000
& WLC-4006 was discovered to contain multiple cross-site
scripting (XSS) vulnerabilities in the /authen/start/ module via the
userid and password parameters.

2021-10-22

not yet calculated

CVE-2020-23055
MISC

aplioxio -- pdf_shapingup

Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow
which allows attackers to cause a denial of service (DoS) via a
crafted PDF file.

2021-10-22

not yet calculated

MISC

apple -- multiple_products

This issue was addressed with improved checks. This issue is
fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security
Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15,
watchOS 8. Processing a maliciously crafted dfont file may lead to
arbitrary code execution.

2021-10-19

not yet calculated

CVE-2021-30842
MISC
MISC
MISC
MISC
MISC
MISC

apple -- multiple_products

This issue was addressed with improved checks. This issue is
fixed in watchOS 8, macOS Big Sur 11.6, Security Update
2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for
Windows. Processing a maliciously crafted image may lead to
arbitrary code execution.

2021-10-19

not yet calculated

CVE-2021-30847
MISC
MISC
MISC
MISC
MISC
MISC

apple -- multiple_products

This issue was addressed with improved checks. This issue is
fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security
Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15,
watchOS 8. Processing a maliciously crafted dfont file may lead to
arbitrary code execution.

2021-10-19

not yet calculated

CVE-2021-30843
MISC
MISC
MISC
MISC
MISC
MISC

apple -- multiple_products

This issue was addressed with improved checks. This issue is
fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security
Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15,
watchOS 8. Processing a maliciously crafted dfont file may lead to
arbitrary code execution.

2021-10-19

not yet calculated

CVE-2021-30841
MISC
MISC
MISC
MISC
MISC
MISC

apple -- multiple_products

A memory corruption issue was addressed with improved memory
handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari
15, iOS 15 and iPadOS 15. Processing maliciously crafted web
content may lead to code execution.

2021-10-19

not yet calculated

CVE-2021-30848
MISC
MISC
MISC

apple -- multiple_products

Multiple memory corruption issues were addressed with improved
memory handling. This issue is fixed in iOS 14.8 and iPadOS
14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15,
iTunes 12.12 for Windows. Processing maliciously crafted web
content may lead to arbitrary code execution.

2021-10-19

not yet calculated

CVE-2021-30849
MISC
MISC
MISC
MISC
MISC
MISC

apple -- multiple_products

An access issue was addressed with improved access
restrictions. This issue is fixed in Security Update 2021-005
Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access
to protected parts of the file system.

2021-10-19

not yet calculated

CVE-2021-30850
MISC
MISC
MISC





apple -- multiple_products

This issue was addressed with improved checks. This issue is
fixed in Security Update 2021-005 Catalina, iTunes 12.12 for
Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8.
Processing a maliciously crafted image may lead to arbitrary code
execution.

2021-10-19

not yet calculated

CVE-2021-30835
MISC
MISC
MISC
MISC
MISC

arista -- eos_and_cloudeos

On systems running Arista EOS and CloudEOS with the affected
release version, when using shared secret profiles the password
configured for use by BiDirectional Forwarding Detection (BFD)
will be leaked when displaying output over eAPI or other JSON
outputs to other authenticated users on the device. The affected
EOS Versions are: all releases in 4.22.x train, 4.23.9 and below
releases in the 4.23.x train, 4.24.7 and below releases in the
4.24.x train, 4.25.4 and below releases in the 4.25.x train, 4.26.1
and below releases in the 4.26.x train

2021-10-21

The administration web interface for the Arris Surfboard SB8200
lacks any protections against cross-site request forgery attacks.
This means that an attacker could make configuration changes
(such as changing the administrative password) without the
consent of the user.

2021-10-21

atlassian -- jira_server

Affected versions of Atlassian Jira Server and Data Center allow
remote attackers to modify various resources via a Cross-Site
Request Forgery (CSRF) vulnerability, following an Information
Disclosure vulnerability in the referrer headers which discloses a
user's CSRF token. The affected versions are before version
8.5.10, and from version 8.6.0 before 8.13.2.

2021-10-21

not yet calculated

CVE-2021-39126
MISC

atlassian -- jira_server

anonymous remote attackers to the query component JQL
endpoint via a Broken Access Control vulnerability (BAC)
vulnerability. The affected versions are before version 8.5.10, and
from version 8.6.0 before 8.13.1.

2021-10-21

not yet calculated

automated_logic -- webctrl/webctrl_oem

The login portal for the Automated Logic WebCTRL/WebCTRL
OEM web application contains a vulnerability that allows for
reflected XSS attacks due to the operatorlocale GET parameter
not being sanitized. This issue impacts versions 6.5 and below.
This issue works by passing in a basic XSS payload to a
vulnerable GET parameter that is reflected in the output without
sanitization.

2021-10-22

not yet calculated

CVE-2021-31682
MISC
MISC

auvesy -- versiondog

user and trust these pointers as valid in-bound memory regions.
An attacker can manipulate API functions by writing arbitrary data
into the resolved address of a raw pointer.

2021-10-22

not yet calculated

CVE-2021-38479
CONFIRM

auvesy -- versiondog

Some API functions permit by-design writing or copying data into
a given buffer. Since the client controls these parameters, an
attacker could rewrite the memory in any location of the affected
product.

not yet calculated

CVE-2021-38449
CONFIRM





auvesy -- versiondog 


There are multiple API function codes that permit data writing to
any file, which may allow an attacker to modify existing files or
create new files.


2021-10-22 


not yet 
calculated 


CVE-2021-38471 


CONFIRM 





auvesy -- versiondog 











The affected product’s code base doesn’t properly control 
arguments for specific functions, which could lead to a stack 
overflow. 








2021-10-22 


not yet 
calculated 








CVE-2021-38473 


CONFIRM 





auvesy -- versiondog

The affected product’s proprietary protocol CSC allows for calling
numerous function codes. In order to call those function codes,
the user must supply parameters. There is no sanitation on the
value of the offset, which allows the client to specify any offset and
read out-of-bounds data.

2021-10-22

auvesy -- versiondog

The webinstaller is a Golang web server executable that enables
the generation of an Auvesy image agent. Resource consumption
can be achieved by generating large amounts of installations,
which are then saved without limitation in the temp folder of the
webinstaller executable.

2021-10-22

auvesy -- versiondog

Some API functions allow interaction with the registry, which
includes reading values as well as data modification.

2021-10-22

not yet calculated

CVE-2021-38453
CONFIRM

auvesy -- versiondog

Many of the services used by the affected product do not specify
full paths for the DLLs they are loading. An attacker can exploit
the uncontrolled search path by implanting their own DLL near the
affected product’s binaries, thus hijacking the loaded DLL.

2021-10-22

not yet calculated

CVE-2021-38469
CONFIRM

auvesy -- versiondog

The affected product’s OS Service does not verify any given
parameter. A user can supply any type of parameter that will be
passed to inner calls without checking the type of the parameter or
the value.

2021-10-22

not yet calculated

CVE-2021-38455
CONFIRM

auvesy -- versiondog

The server permits communication without any authentication
procedure, allowing the attacker to initiate a session with the
server without providing any form of authentication.

2021-10-22

auvesy -- versiondog

There are multiple API function codes that permit reading and
writing data to or from files and directories, which could lead to the
manipulation and/or the deletion of files.

2021-10-22

auvesy -- versiondog

The database connection to the server is performed by calling a
specific API, which could allow an unprivileged user to gain
SYSDBA permissions.

2021-10-22

not yet calculated

auvesy -- versiondog

The affected product uses a hard-coded blowfish key for
encryption/decryption processes. The key can be easily extracted
from binaries.

2021-10-22

not yet calculated

auvesy -- versiondog

The affected product does not properly control the allocation of
resources. A user may be able to allocate unlimited memory
buffers using API functions.

2021-10-22

auvesy -- versiondog

The data of a network capture of the initial handshake phase can
be used to authenticate at a SYSDBA level. If a specific .exe is not
restarted often, it is possible to access the needed handshake
packets between admin/client connections. Using the SYSDBA
permission, an attacker can change user passwords or delete the
database.

2021-10-22

not yet calculated

CVE-2021-38459
CONFIRM

auvesy -- versiondog

The scheduler service running on a specific TCP port enables the
user to start and stop jobs. There is no sanitation of the supplied
JOB ID provided to the function. An attacker may send a malicious
payload that can enable the user to execute another SQL
expression by sending a specific string.

2021-10-22

babel -- locale

Babel.Locale in Babel before 2.9.1 allows attackers to load
arbitrary locale .dat files (containing serialized Python objects) via
directory traversal, leading to code execution.

2021-10-20

not yet calculated

CVE-2021-42771
MISC
MISC
MISC
MLIST

BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1
allows SQL injection for unauthenticated remote code execution,
as exploited in the wild in October 2021 for ransomware
installation. SQL injection can, for example, use the txtID (aka
username) parameter. Successful exploitation can include the
ability to execute arbitrary code as MSSQLSERVER$ via
xp_cmdshell.

2021-10-22

browsers -- harmony_browse_and_sandblast_agent

The Harmony Browse and the SandBlast Agent for Browsers
installers must have admin privileges to execute some steps
during the installation. Because the MS Installer allows regular
users to repair their installation, an attacker running an installer
before 90.08.7405 can start the installation repair and place a
specially crafted binary in the repair folder, which runs with the
admin privileges.

2021-10-22

not yet calculated

CVE-2021-30359
MISC
MISC

cameleon -- cms

Uncaught Exception. The app's media upload feature crashes
permanently when an attacker with a low privileged access
uploads a specially crafted .svg file

2021-10-20

not yet calculated

MISC

cameleon -- cms

Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session
of the users, even after the admin changes the user’s password. A
user that was already logged in, will still have access to the
application even after the password was changed.

2021-10-20

not yet calculated

MISC

cameleon -- cms

In “Camaleon CMS” application, versions 0.0.1 to 2.6.0 are
vulnerable to stored XSS, that allows unprivileged application
users to store malicious scripts in the comments section of the
post. These scripts are executed in a victim’s browser when they
open the page containing the malicious comment.

2021-10-20

not yet calculated

CVE-2021-25969
MISC
MISC

cameleon -- cms

In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to
Server-Side Request Forgery (SSRF) in the media upload feature,
which allows admin users to fetch media files from external URLs
but fails to validate URLs referencing to localhost or other internal
servers. This allows attackers to read files stored in the internal
server.

2021-10-20

not yet calculated

CVE-2021-25972
MISC
MISC

catalyst_it_ltd -- mahara_cms

Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain
multiple cross-site scripting (XSS) vulnerabilities in the component
groupfiles.php via the Number (Nombre) and Description

2021-10-22

not yet calculated

CVE-2020-23052
MISC





chicehn_tech -- cms

Chichen Tech CMS v1.0 was discovered to contain multiple SQL
injection vulnerabilities in the file product_list.php via the id and cid
parameters.

2021-10-22

not yet calculated

CVE-2020-28960
MISC





cisco -- identity_services_engine 


Multiple vulnerabilities in the web-based management interface of
Cisco Identity Services Engine (ISE) Software could allow an
attacker to conduct a cross-site scripting (XSS) attack against a
user of the interface. For more information about these
vulnerabilities, see the Details section of this advisory.


2021-10-21 


not yet 
calculated 


CVE-2021-34738 
CISCO 





cisco -- identity_services_engine 


A vulnerability in the web-based management interface of Cisco
Identity Services Engine (ISE) could allow an authenticated,
remote attacker with administrative read-only privileges to
download files that should be restricted. This vulnerability is due to
incorrect permissions settings on an affected device. An attacker
could exploit this vulnerability by sending a crafted HTTP request
to the device. A successful exploit could allow the attacker to
download files that should be restricted.


2021-10-21 





not yet 
calculated 


CVE-2021-40123 
CISCO 








cisco -- identity_services_engine 


Multiple vulnerabilities in the web-based management interface of 
Cisco Identity Services Engine (ISE) Software could allow an 
attacker to conduct a cross-site scripting (XSS) attack against a 
user of the interface. For more information about these 
vulnerabilities, see the Details section of this advisory. 


2021-10-21 


not yet 
calculated 


CVE-2021-40121 
CISCO 








cisco -- integrated_management_controller


A vulnerability in the web-based management interface of Cisco 
Integrated Management Controller (IMC) Software could allow an 
unauthenticated, remote attacker to cause the web-based 
management interface to unexpectedly restart. The vulnerability is 
due to insufficient input validation on the web-based management 
interface. An attacker could exploit this vulnerability by sending a 
crafted HTTP request to an affected device. A successful exploit 
could allow the attacker to cause the interface to restart, resulting 
in a denial of service (DoS) condition. 


2021-10-21 


not yet 
calculated 


CVE-2021-34736 
CISCO 








cisco -- ios_xe_sd-wan_software 


A vulnerability in the CLI of Cisco IOS XE SD-WAN Software 
could allow an authenticated, local attacker to execute arbitrary 
commands with root privileges. The vulnerability is due to 
insufficient input validation by the system CLI. An attacker could 
exploit this vulnerability by authenticating to an affected device 
and submitting crafted input to the system CLI. A successful 
exploit could allow the attacker to execute commands on the 
underlying operating system with root privileges. 


2021-10-21 


not yet 
calculated 


CVE-2021-1529 
CISCO 





cisco -- meeting_server 


A vulnerability in an API of the Call Bridge feature of Cisco 
Meeting Server could allow an unauthenticated, remote attacker to 
cause a denial of service (DoS) condition. This vulnerability is due 
to improper handling of large series of message requests. An 
attacker could exploit this vulnerability by sending a series of 
messages to the vulnerable API. A successful exploit could allow 
the attacker to cause the affected device to reload, dropping all 
ongoing calls and resulting in a DoS condition. 


2021-10-21 


not yet 
calculated 





CVE-2021-40122 
CISCO 








cisco -- telepresence_management_suite

A vulnerability in the web-based management interface of Cisco
TelePresence Management Suite (TMS) Software could allow an
authenticated, remote attacker to conduct a cross-site scripting
(XSS) attack against a user of the interface. This vulnerability is
due to insufficient input validation by the web-based management
interface. An attacker could exploit this vulnerability by inserting
malicious data in a specific data field in the interface. A successful
exploit could allow the attacker to execute arbitrary script code in
the context of the affected interface or access sensitive,
browser-based information.

2021-10-21

not yet calculated

CVE-2021-34760
CISCO

cisco -- tetration


A vulnerability in the web-based management interface of Cisco 
Tetration could allow an authenticated, remote attacker to perform 
a stored cross-site scripting (XSS) attack on an affected system. 
This vulnerability exists because the web-based management 
interface does not sufficiently validate user-supplied input. An 
attacker could exploit this vulnerability by injecting malicious code 
into specific pages of the interface. A successful exploit could 
allow the attacker to execute arbitrary script code in the context of 
the affected interface or access sensitive, browser-based 
information. To exploit this vulnerability, the attacker would need 
valid administrative credentials. 


2021-10-21 


not yet 
calculated 


CVE-2021-34789 
CISCO 








cisco -- webex_software 


A vulnerability in the application integration feature of Cisco 
Webex Software could allow an unauthenticated, remote attacker 
to authorize an external application to integrate with and access a 
user's account without that user's express consent. This 
vulnerability is due to improper validation of cross-site request 
forgery (CSRF) tokens. An attacker could exploit this vulnerability 
by convincing a targeted user who is currently authenticated to 
Cisco Webex Software to follow a link designed to pass malicious 
input to the Cisco Webex Software application authorization 
interface. A successful exploit could allow the attacker to cause 
Cisco Webex Software to authorize an application on the user's 
behalf without the express consent of the user, possibly allowing 
external applications to read data from that user's profile. 


2021-10-21 


not yet 
calculated 


CVE-2021-34743 
CISCO 








civetweb -- civetweb 


The CivetWeb web library does not validate uploaded filepaths 
when running on an OS other than Windows, when using the
built-in HTTP form-based file upload mechanism, via the
mg_handle_form_request API. Web applications that use the file 
upload form handler, and use parts of the user-controlled filename 
in the output path, are susceptible to directory traversal 


2021-10-21 


not yet 
calculated 


CVE-2020-27304 
MISC 
MISC 








cosmos -- sdk 


The Cosmos-SDK is a framework for building blockchain 
applications in Golang. Affected versions of the SDK were 
vulnerable to a consensus halt due to non-deterministic behaviour 
in a ValidateBasic method in the x/authz module. The MsgGrant of 
the x/authz module contains a Grant field which includes a
user-defined expiration time for when the authorization grant expires. In
Grant.ValidateBasic(), that time is compared to the node’s
local clock time. Any chain running an affected version of the SDK 
with the authz module enabled could be halted by anyone with the 
ability to send transactions on that chain. Recovery would require 
applying the patch and rolling back the latest block. Users are 
advised to update to version 0.44.2. 


2021-10-20 


not yet 
calculated 


CVE-2021-41135 
MISC 

CONFIRM 

MISC 








csdn -- app_4 


Cross-Site Scripting (XSS) vulnerability exists in Csdn APP 
4.10.0, which can be exploited by attackers to obtain sensitive 
information such as user cookies. 


2021-10-22 


not yet 
calculated 


CVE-2021-41747 
MISC 
MISC 








dedecms -- dedecms 


DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component 
sys_admin_user_edit.php via the ‘filename’, ‘mid’, ‘userid’, and 
‘templet’ parameters. 


2021-10-22 


not yet 
calculated 


CVE-2020-36496 
MISC 








dedecms -- dedecms 


DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component 
mychannel_edit.php via the ‘filename’, ‘mid’, ‘userid’, and 
‘templet’ parameters. 


2021-10-22 


not yet 
calculated 


CVE-2020-36494 
MISC 








dedecms -- dedecms 


DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component select_media.php 
via the ‘activepath’, ‘keyword’, ‘tag’, ‘fmdo=x&filename’, 
‘CKEditor’ and ‘CKEditorFuncNum’ parameters.


2021-10-22 


not yet 
calculated 


CVE-2020-36492 
MISC 








dedecms -- dedecms 


DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component 
makehtml_homepage.php via the ‘filename’, ‘mid’, ‘userid’, and 
‘templet’ parameters. 


2021-10-22 


not yet 
calculated 


CVE-2020-36497 
MISC 








dedecms -- dedecms 


DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component 
file_manage_view.php via the ‘filename’, ‘mid’, ‘userid’, and 
‘templet’ parameters. 


2021-10-22 


not yet 
calculated 


CVE-2020-36495 
MISC 








dedecms -- dedecms 


DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component media_main.php 
via the ‘activepath’, ‘keyword’, ‘tag’, ‘fmdo=x&filename’, 
‘CKEditor’ and ‘CKEditorFuncNum’ parameters.


2021-10-22 


not yet 
calculated 


CVE-2020-36493 
MISC 








dedecms -- dedecms 











DedeCMS v7.5 SP2 was discovered to contain multiple cross-site 
scripting (XSS) vulnerabilities in the component tpl.php via the 
‘filename’, ‘mid’, ‘userid’, and ‘templet’ parameters. 








2021-10-22 





not yet 
calculated 








CVE-2020-23046
MISC

dedecms -- dedecms

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site
scripting (XSS) vulnerabilities in the component file_pic_view.php
via the ‘activepath’, ‘keyword’, ‘tag’, ‘fmdo=x&filename’,
‘CKEditor’ and ‘CKEditorFuncNum’ parameters.

2021-10-22

not yet calculated

CVE-2020-23044
MISC

dedecms -- dedecms

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site
scripting (XSS) vulnerabilities in the component tags_main.php via
the ‘activepath’, ‘keyword’, ‘tag’, ‘fmdo=x&filename’, ‘CKEditor’
and ‘CKEditorFuncNum’ parameters.

2021-10-22

not yet calculated

CVE-2020-36491
MISC

dedecms -- dedecms

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site
scripting (XSS) vulnerabilities in the component
file_manage_view.php via the ‘activepath’, ‘keyword’, ‘tag’,
‘fmdo=x&filename’, ‘CKEditor’ and ‘CKEditorFuncNum’
parameters.

2021-10-22

discourse -- discourse

Discourse is an open source platform for community discussion. In
affected versions maliciously crafted requests could lead to
remote code execution. This resulted from a lack of validation in
subscribe_url values. This issue is patched in the latest stable,
beta and tests-passed versions of Discourse. To workaround the
issue without updating, requests with a path starting
/webhooks/aws path could be blocked at an upstream proxy.

2021-10-20

not yet calculated

CVE-2021-41163
CONFIRM
MISC

draytek -- vigorap_1000c

Draytek VigorAP 1000C contains a stored cross-site scripting
(XSS) vulnerability in the RADIUS Setting - RADIUS Server
Configuration module. This vulnerability allows attackers to
execute arbitrary web scripts or HTML via a crafted payload in the
username input field.

2021-10-22

dropouts_technoligies_llp -- air_share

Dropouts Technologies LLP Air Share v1.2 was discovered to
contain a cross-site scripting (XSS) vulnerability in the
devicename parameter. This vulnerability allows attackers to
execute arbitrary web scripts or HTML via a crafted payload in the
devicename information.

2021-10-22

dropouts_technologies_llp -- air_share

Dropouts Technologies LLP Air Share v1.2 was discovered to
contain a cross-site scripting (XSS) vulnerability in the path
parameter of the ‘list’ and ‘download’ exception-handling. This
vulnerability allows attackers to execute arbitrary web scripts or
HTML via a crafted GET request.

2021-10-22

dropouts_technologies_llp -- super_backup

Dropouts Technologies LLP Super Backup v2.0.5 was discovered
to contain a cross-site scripting (XSS) vulnerability in the path
parameter of the ‘list’ and ‘download’ module. This vulnerability
allows attackers to execute arbitrary web scripts or HTML via a
crafted GET request.

2021-10-22

not yet calculated

CVE-2020-23042

droupouts_technologies_llp -- super_backup

Dropouts Technologies LLP Super Backup v2.0.5 was discovered
to contain an issue in the path parameter of the ‘list’ and
‘download’ module which allows attackers to perform a directory
traversal via a change to the path variable to request the local list
command.

2021-10-22

elabftw -- elabftw

eLabFTW is an open source electronic lab notebook manager for
research teams. In versions of eLabFTW before 4.1.0, it allows
attackers to bypass a brute-force protection mechanism by using
many different forged PHPSESSID values in HTTP Cookie
header. This issue has been addressed by implementing brute
force login protection, as recommended by Owasp with Device
Cookies. This mechanism will not impact users and will effectively
thwart any brute-force attempts at guessing passwords. The only
correct way to address this is to upgrade to version 4.1.0. Adding a
rate limitation upstream of the eLabFTW service is of course a
valid option, with or without upgrading.

2021-10-22

not yet calculated

MISC
MISC
MISC
MISC

emerson -- wirelesshart_gateway

The affected product is vulnerable to improper input validation in
the restore file. This enables an attacker to provide malicious
config files to replace any file on disk.

2021-10-22

etherum -- etherum

The Proof-of-Stake (PoS) Ethereum consensus protocol through
2021-10-19 allows an adversary to leverage network delay to
cause a denial of service (indefinite stalling of consensus
decisions).

2021-10-20

not yet calculated

CVE-2021-42765
MISC

etherum -- etherum

The Proof-of-Stake (PoS) Ethereum consensus protocol through
2021-10-19 allows an adversary to cause a denial of service
(long-range consensus chain reorganizations), even when this
adversary has little stake and cannot influence network message
propagation. This can cause a protocol stall, or an increase in the
profits of individual validators.

2021-10-20

not yet calculated

CVE-2021-42766
MISC

etherum -- etherum

The Proof-of-Stake (PoS) Ethereum consensus protocol through
2021-10-19 allows an adversary to cause a denial of service
(delayed consensus decisions), and also increase the profits of
individual validators, via short-range reorganizations of the
underlying consensus chain.

2021-10-20
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exploitation.Product: AndroidVersions: Android-9 Android-10 
Android-11 Android-8.1Android ID: A-183262161 

















flashget -- flashget

FlashGet v1.9.6 was discovered to contain a buffer overflow in the
'current path directory' function. This vulnerability allows attackers
to elevate local process privileges via overwriting the registers.

2021-10-22


folder_lock -- folder_lock

Folder Lock v3.4.5 was discovered to contain a stored cross-site
scripting (XSS) vulnerability in the Create Folder function under
the 'create' module. This vulnerability allows attackers to execute
arbitrary web scripts or HTML via a crafted payload as a path or
folder name.

2021-10-22


fork_cms -- content_management_system

Fork CMS Content Management System v5.8.0 was discovered to
contain a cross-site scripting (XSS) vulnerability in the
'Displayname' field when using the 'Add', 'Edit' or 'Register'
functions. This vulnerability allows attackers to execute arbitrary
web scripts or HTML.

2021-10-22


foxlor -- foxlor

Multiple cross-site scripting (XSS) vulnerabilities in the Customer
Add module of Foxlor v0.10.16 allow attackers to execute
arbitrary web scripts or HTML via a crafted payload entered into
the name, firstname, or username input fields.

2021-10-22

not yet calculated

CVE-2020-28957
MISC


freebsd -- freebsd

FreeBSD's crontab calculates the MD5 sum of the previous and
new cronjob to determine if any changes have been made before
copying the new version in. In particular, it uses the MD5File()
function, which takes a pathname as an argument, and is called
with euid 0. A race condition in this process may lead to an
arbitrary MD5 comparison regardless of the read permissions.

2021-10-19

not yet calculated

CVE-2011-1075
MISC
MISC


freerdp -- freerdp

FreeRDP is a free implementation of the Remote Desktop
Protocol (RDP), released under the Apache license. In affected
versions a malicious server might trigger out of bound writes in a
connected client. Connections using GDI or SurfaceCommands to
send graphics updates to the client might send `0` width/height or
out of bound rectangles to trigger out of bound writes. With `0`
width or height the memory allocation will be `0` but the missing
bounds checks allow writing to the pointer at this (not allocated)
region. This issue has been patched in FreeRDP 2.4.1.

2021-10-21


freerdp -- freerdp

FreeRDP is a free implementation of the Remote Desktop
Protocol (RDP), released under the Apache license. All FreeRDP
clients prior to version 2.4.1 using gateway connections (`/gt:rpc`)
fail to validate input data. A malicious gateway might allow client
memory to be written out of bounds. This issue has been resolved
in version 2.4.1. If you are unable to update then use `/gt:http`
rather than /gt:rdp connections if possible or use a direct
connection without a gateway.

2021-10-21

not yet calculated

CVE-2021-41159
CONFIRM


gjson -- gjson

GJSON before 1.9.3 allows a ReDoS (regular expression denial of
service) attack.

2021-10-22

not yet calculated

CVE-2021-42836
MISC
MISC
MISC
MISC
MISC


gnu -- mailman

GNU Mailman before 2.1.35 may allow remote Privilege
Escalation. A certain csrf_token value is derived from the admin
password, and may be useful in conducting a brute-force attack
against that password.

2021-10-21

not yet calculated

CONFIRM
MLIST
DEBIAN


gnu -- mailman

GNU Mailman before 2.1.35 may allow remote Privilege
Escalation. A csrf_token value is not specific to a single user
account. An attacker can obtain a value within the context of an
unprivileged user account, and then use that value in a CSRF
attack against an admin (e.g., for account takeover).

2021-10-21

not yet calculated

CVE-2021-42097
CONFIRM
CONFIRM
MLIST
DEBIAN


google -- android

In RW_SetActivatedTagType of rw_main.cc, there is possible
memory corruption due to a race condition. This could lead to
remote code execution with no additional execution privileges
needed. User interaction is not needed for exploitation. Product:
Android. Versions: Android-9 Android-10 Android-11 Android-8.1.
Android ID: A-192472262

2021-10-22

not yet calculated

CVE-2021-0870
MISC


google -- android

In runDumpHeap of ActivityManagerShellCommand.java, there is
a possible deletion of system files due to a confused deputy. This
could lead to local escalation of privilege with no additional
execution privileges needed. User interaction is not needed for

2021-10-22

not yet calculated

CVE-2021-0708
MISC


google -- android


In sanitizeSbn of NotificationManagerService.java, there is a 
possible way to keep service running in foreground and keep 
granted permissions due to Bypass of Background Service 
Restrictions. This could lead to local escalation of privilege with no 
additional execution privileges needed. User interaction is not 
needed for exploitation. Product: Android. Versions: Android-11
Android-10. Android ID: A-185388103


2021-10-22 


not yet 
calculated 


CVE-2021-0705 
MISC 








google -- android 


In SecondStageMain of init.cpp, there is a possible use after free 
due to incorrect shared_ptr usage. This could lead to local 
escalation of privilege if the attacker has physical access to the 
device, with no additional execution privileges needed. User 
interaction is not needed for exploitation. Product: Android.
Versions: Android-11. Android ID: A-184569329


2021-10-22 


not yet 
calculated 


CVE-2021-0703 
MISC 








google -- android 


In VectorDrawable::VectorDrawable of VectorDrawable.java, there 
is a possible way to introduce a memory corruption due to sharing 
of not thread-safe objects. This could lead to local escalation of 
privilege with no additional execution privileges needed. User 
interaction is not needed for exploitation. Product: Android.
Versions: Android-8.1 Android-9 Android-10 Android-11.
Android ID: A-185178568


2021-10-22 


not yet 
calculated 


CVE-2021-0652 
MISC 








google -- android 


In multiple methods of AAudioService, there is a possible use- 
after-free due to a race condition. This could lead to local 
escalation of privilege with User execution privileges needed. User 
interaction is not needed for exploitation. Product: Android.
Versions: Android-10 Android-11. Android ID: A-153358911


2021-10-22 


not yet 
calculated 


CVE-2021-0483 
MISC 








google -- android 


In getAllSubInfoList of SubscriptionController.java, there is a 
possible way to retrieve a long term identifier without the correct 
permissions due to a missing permission check. This could lead to 
local information disclosure with User execution privileges 
needed. User interaction is not needed for exploitation. Product:
Android. Versions: Android-11 Android-10. Android ID: A-183612370


2021-10-22 


not yet 
calculated 


CVE-2021-0643 
MISC 








google -- android 


In loadLabel of PackageItemInfo.java, there is a possible way to
DoS a device by having a long label in an app due to incorrect
input validation. This could lead to local denial of service with no
additional execution privileges needed. User interaction is needed
for exploitation. Product: Android. Versions: Android-11 Android-9
Android-10. Android ID: A-67013844


2021-10-22 


not yet 
calculated 


CVE-2021-0651 
MISC 








google -- android 


In startListening of PluginManagerImpl.java, there is a possible
way to disable arbitrary app components due to a missing
permission check. This could lead to local denial of service with no
additional execution privileges needed. User interaction is not
needed for exploitation. Product: Android. Versions: Android-9
Android-10 Android-11 Android-8.1. Android ID: A-193444889


2021-10-22 


not yet 
calculated 


CVE-2021-0706 
MISC 








google -- android 


In RevertActiveSessions of apexd.cpp, there is a possible way to 
share the wrong file due to an unintentional MediaStore 
downgrade. This could lead to local information disclosure with no 
additional execution privileges needed. User interaction is needed 
for exploitation. Product: Android. Versions: Android-11. Android ID:
A-193932765


2021-10-22 


not yet 
calculated 


CVE-2021-0702 
MISC 








hcl -- traveler_companion 


"HCL Traveler Companion is vulnerable to an iOS weak 
cryptographic process vulnerability via the included MobileIron
AppConnect SDK"


2021-10-21 


not yet 
calculated 





CVE-2020-14263 
MISC 








hcl_software -- connections 


"HCL Connections Security Update for Reflected Cross-Site 
Scripting (XSS) Vulnerability" 


2021-10-21 


not yet 
calculated 





CVE-2021-27746 
MISC 








hyland -- alfresco 


An issue was discovered in Hyland org.alfresco:alfresco-content- 
services through 6.2.2.18 and org.alfresco:alfresco-transform- 
services through 1.3. A crafted HTML file, once uploaded, could 
trigger an unexpected request by the transformation engine. The 
response to the request is not available to the attacker, i.e., this is 
blind SSRF. 


2021-10-21 


not yet 
calculated 


CVE-2021-41792 
MISC 
MISC 








hyland -- alfresco 


An issue was discovered in Hyland org.alfresco:share through 
7.0.0.2 and org.alfresco:community-share through 7.0. An evasion 
of the XSS filter for HTML input validation in the Alfresco Share 
User Interface leads to stored XSS that could be exploited by an 
attacker (given that he has privileges on the content collaboration 
features). 


2021-10-21 


not yet 
calculated 


CVE-2021-41791 
MISC 
MISC 











hyland -- alfresco 








An issue was discovered in Hyland org.alfresco:alfresco-content- 
services through 7.0.1.2. Script Action execution allows executing 
scripts uploaded outside of the Data Dictionary. This could allow a 
logged-in attacker to execute arbitrary code inside a sandboxed 
environment. 








2021-10-21 





not yet 
calculated 








CVE-2021-41790 
MISC 
MISC

server to disclose sensitive information in the HTTP response
which allows the attacker to obtain sensitive information.

















ibm -- business_automation_workflow

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is
vulnerable to cross-site scripting. This vulnerability allows users to
embed arbitrary JavaScript code in the Web UI thus altering the
intended functionality potentially leading to credentials disclosure
within a trusted session. IBM X-Force ID: 204833.

2021-10-22

not yet calculated

CVE-2021-29835
CONFIRM
XF


ibm -- flash_system_900

IBM Flash System 900 could allow an authenticated attacker to
obtain sensitive information and cause a denial of service due to a
restricted shell escape vulnerability. IBM X-Force ID: 206229.

2021-10-21

not yet calculated

CONFIRM


ibm -- qradar_advisor

IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within a
trusted session. IBM X-Force ID: 209566.

2021-10-20

CVE-2021-38896
CONFIRM
XF


ibm -- standards_processing_engine

IBM Standards Processing Engine (IBM Transformation Extender
Advanced 9.0 and 10.0) does not set the secure attribute on
authorization tokens or session cookies. Attackers may be able to
get the cookie values by sending a http:// link to a user or by
planting this link in a site the user goes to. The cookie will be sent
to the insecure link and the attacker can then obtain the cookie
value by snooping the traffic. IBM X-Force ID: 207090.

2021-10-21

not yet calculated

CVE-2021-29883
CONFIRM
XF


inhand_networks -- ir615_routers

InHand Networks IR615 Router's Versions 2.3.0.r4724 and
2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to
inject commands into the device. This may allow the attacker to
remotely run commands on behalf of the device.

2021-10-19

not yet calculated

CVE-2021-38478
MISC


internet_download_manager -- internet_download_manager

Internet Download Manager 6.37.11.1 was discovered to contain a
stack buffer overflow in the Search function. This vulnerability
allows attackers to escalate local process privileges via
unspecified vectors.

2021-10-22

not yet calculated

CVE-2020-28964
MISC


internet_download_manager -- internet_download_manager

Internet Download Manager 6.37.11.1 was discovered to contain a
stack buffer overflow in the Export/Import function. This
vulnerability allows attackers to escalate local process privileges
via a crafted ef2 file.

2021-10-22

not yet calculated

CVE-2020-23060
MISC


juniper -- 128_technology_session_smart_router

The usage of an internal HTTP header created an authentication
bypass vulnerability (CWE-287), allowing an attacker to view
internal files, change settings, manipulate services and execute
arbitrary code. This issue affects all Juniper Networks 128
Technology Session Smart Router versions prior to 4.5.11, and all
versions of 5.0 up to and including 5.0.1.

2021-10-19

not yet calculated

CVE-2021-31349
CONFIRM


juniper -- ctpview_server

The Juniper Networks CTPView server is not enforcing HTTP
Strict Transport Security (HSTS). HSTS is an optional response
header which allows servers to indicate that content from the
requested domain will only be served over HTTPS. The lack of
HSTS may leave the system vulnerable to downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-
hijacking protections. This issue affects Juniper Networks
CTPView: 7.3 versions prior to 7.3R7; 9.1 versions prior to 9.1R3.

2021-10-19

not yet calculated

CVE-2021-0296
CONFIRM


juniper -- jboss_application_server

A configuration weakness in the JBoss Application Server
(AppSvr) component of Juniper Networks SRC Series allows a
remote attacker to send a specially crafted query to cause the web
server to delete files which may allow the attacker to disrupt the
integrity and availability of the system.

2021-10-19

not yet calculated


juniper -- jboss_application_server

A configuration weakness in the JBoss Application Server
(AppSvr) component of Juniper Networks SRC Series allows a
remote attacker to send a specially crafted query to cause the web

2021-10-19

not yet calculated

CONFIRM


juniper -- junos_os


An Uncontrolled Resource Consumption vulnerability in Juniper 
Networks Junos OS on EX2300, EX3400 and EX4300 Series 
platforms allows an adjacent attacker sending a stream of layer 2
frames to trigger an Aggregated Ethernet (AE) interface to go
down, thereby causing a Denial of Service (DoS). By
continuously sending a stream of specific layer 2 frames an 
attacker will sustain the Denial of Service (DoS) condition. This 
issue affects: Juniper Networks Junos OS EX4300 Series All 
versions prior to 15.1R7-S7; 16.1 versions prior to 16.1R7-S8; 
17.1 versions prior to 17.1R2-S12; 17.2 versions prior to 17.2R3- 
S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 
17.4R2-S10, 17.4R3-S2; 18.1 versions prior to 18.1R3-S10; 18.2 
versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 
18.3R2-S4, 18.3R3-S2; 18.4 versions prior to 18.4R1-S7, 18.4R2- 
S4, 18.4R3-S1; 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 
19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions 
prior to 19.3R2-S2, 19.3R3; 19.4 versions prior to 19.4R1-S2, 
19.4R2. Juniper Networks Junos OS EX3400 and EX4300-MP 
Series All versions prior to 18.1R3-S12; 18.2 versions prior to 
18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior 
to 18.4R2-S9, 18.4R3-S7; 19.1 versions prior to 19.1R2-S3, 
19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior 
to 19.3R3-S1; 19.4 versions prior to 19.4R3-S1; 20.1 versions 
prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior 
to 20.3R2. Juniper Networks Junos OS EX2300 Series All 
versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S9, 
18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 
versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 
19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 
versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 
20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior 
to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R2. 


2021-10-19 


not yet 
calculated 


CVE-2021-31365 
CONFIRM 








juniper -- junos_os 


An Improper Input Validation vulnerability in J-Web of Juniper 
Networks Junos OS allows a locally authenticated J-Web attacker 
to escalate their privileges to root over the target device. This 
issue affects: Juniper Networks Junos OS All versions prior to 
18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior 
to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions 
prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 
versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 
20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 
21.1 versions prior to 21.1R2, 21.1R3; 21.2 versions prior to 
21.2R1-S1, 21.2R2; 


2021-10-19 


not yet 
calculated 


CVE-2021-31372 
CONFIRM 








juniper -- junos_os 


Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for 
internal communications between the RE and PFEs. It was 
discovered that packets utilizing these IP addresses may egress 
a QFX5110 switch, leaking configuration information such as
heartbeats, kernel versions, etc. out to the Internet, leading to an 
information exposure vulnerability. This issue affects: Juniper 
Networks Junos OS on QFX5110 Series: All versions prior to 
17.3R3-S12; 18.1 versions prior to 18.1R3-S13; 18.3 versions 
prior to 18.3R3-S5; 19.1 versions prior to 19.1R3-S6; 19.2 
versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 
19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3- 
S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions 
prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 
versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 
21.1R1-S1, 21.1R2; 


2021-10-19 


not yet 
calculated 


CVE-2021-31371 
CONFIRM 








juniper -- junos_os 








An improper privilege management vulnerability in the Juniper 
Networks Junos OS and Junos OS Evolved command-line 
interpreter (CLI) allows a low-privileged user to overwrite local files 
as root, possibly leading to a system integrity issue or Denial of 
Service (DoS). Depending on the files overwritten, exploitation of 
this vulnerability could lead to a sustained Denial of Service (DoS) 
condition, requiring manual user intervention to recover. This issue 
affects: Juniper Networks Junos OS: All versions, including the 
following supported releases: 15.1 versions prior to 15.1R7-S10; 
17.4 versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3- 
S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 
19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 
versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 
19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 
versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 
versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 
21.1R1-S1, 21.1R2. Juniper Networks Junos OS Evolved: All
versions prior to 20.4R2-S3-EVO; All versions of 21.1-EVO.








2021-10-19 





not yet 
calculated 





CVE-2021-31360 
CONFIRM 














https://content.govdelivery.com/accounts/USDHSCISA/bulletins/2f919b9 







10/25/21, 1:59 PM 


Vulnerability Summary for the Week of October 18, 2021 













juniper -- junos_os 


A persistent Cross-Site Scripting (XSS) vulnerability in Juniper 
Networks Junos OS on SRX Series, J-Web interface may allow a 
remote authenticated user to inject persistent and malicious 
scripts. An attacker can exploit this vulnerability to steal sensitive 
data and credentials from a web administration session, or hijack 
another user's active session to perform administrative actions. 
This issue affects: Juniper Networks Junos OS on SRX Series: 
18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3- 
S5; 18.4 versions prior to 18.4R3-S8; 19.1 versions prior to 
19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 
versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 
19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2- 
S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior 
to 20.3R2-S1, 20.3R3. 


2021-10-19 


not yet 
calculated 


CVE-2021-31373 
CONFIRM 








juniper -- junos_os 


An Incorrect Permission Assignment for Critical Resource 
vulnerability of a certain file in the filesystem of Junos OS allows a 
local authenticated attacker to cause routing process daemon 
(RPD) to crash and restart, causing a Denial of Service (DoS). 
Repeated actions by the attacker will create a sustained Denial of 
Service (DoS) condition. This issue affects: Juniper Networks 
Junos OS: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 
17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 
versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 
18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2- 
S8, 18.4R3-S7; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 
versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 
19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-
S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior
to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R3; 20.4 
versions prior to 20.4R1-S1, 20.4R2. 


2021-10-19 


not yet 
calculated 


CVE-2021-31377 
CONFIRM 








juniper -- junos_os 


An Incorrect Behavior Order vulnerability in the MAP-E automatic 
tunneling mechanism of Juniper Networks Junos OS allows an 
attacker to send certain malformed IPv4 or IPv6 packets to cause 
a Denial of Service (DoS) to the PFE on the device which is 
disabled as a result of the processing of these packets. Continued 
receipt and processing of these malformed IPv4 or IPv6 packets 
will create a sustained Denial of Service (DoS) condition. This 
issue only affects MPC 7/8/9/10/11 cards, when MAP-E IP 
reassembly is enabled on these cards. An indicator of 
compromise is the output: FPC ["FPC ID" # e.g. "0"] PFE #{PFE 
ID # e.g. "1"] : Fabric Disabled Example: FPC 0 PFE #1 : Fabric 
Disabled when using the command: show chassis fabric fpcs An 
example of a healthy result of the command use would be: 
user@device-re1> show chassis fabric fpcs Fabric management 
FPC state: FPC 0 PFE #0 Plane 0: Plane enabled Plane 1: Plane 
enabled Plane 2: Plane enabled Plane 3: Plane enabled Plane 4: 
Plane enabled Plane 5: Plane enabled Plane 6: Plane enabled 
Plane 7: Plane enabled This issue affects: Juniper Networks 
Junos OS on MX Series with MPC 7/8/9/10/11 cards, when MAP- 
E IP reassembly is enabled on these cards. 17.2 version 17.2R1 
and later versions; 17.3 versions prior to 17.3R3-S9; 17.4 versions 
prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-
S11; 18.2 versions prior to 18.2R2-S6, 18.2R3-S3; 18.3 versions
prior to 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S8, 
18.4R2-S5, 18.4R3; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 
19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions 
prior to 19.3R2-S5, 19.3R3. This issue does not affect Juniper 
Networks Junos OS versions prior to 17.2R1. 


2021-10-19 


not yet 
calculated 


CVE-2021-31379 
CONFIRM 
MISC 








juniper -- junos_os 


An Information Exposure vulnerability in Juniper Networks SRC 
Series devices configured for NETCONF over SSH permits the 
negotiation of weak ciphers, which could allow a remote attacker 
to obtain sensitive information. A remote attacker with read and 
write access to network data could exploit this vulnerability to 
display plaintext bits from a block of ciphertext and obtain 
sensitive information. This issue affects all Juniper Networks SRC 
Series versions prior to 4.13.0-R6. 


2021-10-19 


not yet 
calculated 


CVE-2021-31352 
CONFIRM 








juniper -- junos_os 











A Race Condition in the 'show chassis pic' command in Juniper 
Networks Junos OS Evolved may allow an attacker to crash the 
port interface concentrator daemon (picd) process on the FPC, if 
the command is executed coincident with other system events 
outside the attacker's control, leading to a Denial of Service (DoS) 
condition. Continued execution of the CLI command, under 
precise conditions, could create a sustained Denial of Service 
(DoS) condition. This issue affects all Juniper Networks Junos OS 
Evolved versions prior to 20.1R2-EVO on PTX10003 and 
PTX10008 platforms. Junos OS is not affected by this 
vulnerability. 











2021-10-19 





not yet 
calculated 





CVE-2021-0298 
CONFIRM 
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An Improper Handling of Exceptional Conditions vulnerability in 
Juniper Networks Junos OS and Junos OS Evolved allows an 
attacker to inject a specific BGP update, causing the routing 
protocol daemon (RPD) to crash and restart, leading to a Denial of 
Service (DoS). Continued receipt and processing of the BGP 
update will create a sustained Denial of Service (DoS) condition. 
This issue affects very specific versions of Juniper Networks 
juniper -- junos_os Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and 2021-10-19 
later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 
20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 
versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not 
affected by this issue. This issue also affects Juniper Networks 
Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3- 
EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions 
prior to 21.2R2-EVO. 


On Juniper Networks Junos OS and Junos OS Evolved devices 
processing a specially crafted BGP UPDATE or KEEPALIVE 
message can lead to a routing process daemon (RPD) crash and 
restart, causing a Denial of Service (DoS). Continued receipt and 
processing of this message will create a sustained Denial of 
Service (DoS) condition. This issue affects both IBGP and EBGP 
deployments over IPv4 or IPv6. This issue affects: Juniper 
Networks Junos OS: 17.3 versions prior to 17.3R3-S11; 17.4 
versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 2021-10-19 not yet |CVE-2021-31374 
18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 calculated ||CONFIRM 
versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 
18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2- 
S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 
versions prior to 19.3R2-S5, 19.3R3-S1; 19.4 versions prior to 
19.4R1-S4, 19.4R1-S4, 19.4R2-S3, 19.4R3-S1; 20.1 versions 
prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior 
to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: 20.3 
versions prior to 20.3R2-EVO. 


An Improper Input Validation vulnerability in routing process 
daemon (RPD) of Juniper Networks Junos OS devices configured 
with BGP origin validation using Resource Public Key 
Infrastructure (RPKI), allows an attacker to send a specific BGP 
update which may cause RPKI policy-checks to be bypassed. 
This, in turn, may allow a spoofed advertisement to be accepted 
or propagated. This issue affects: Juniper Networks Junos OS 
12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7- 
S9; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 
17.3R3-S7; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 
versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S3; 
18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 
19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R2; 19.3 
versions prior to 19.3R2. 


An Improper Input Validation vulnerability in Packet Forwarding 
Engine manager (FXPC) process of Juniper Networks Junos OS 
allows an attacker to cause a Denial of Service (DoS) by sending 
specific DHCPv6 packets to the device and crashing the FXPC 
service. Continued receipt and processing of this specific packet 
will create a sustained Denial of Service (DoS) condition. This 
issue affects only the following platforms in ACX Series: ACX500, 
juniper -- junos_os ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, 2021-10-19 
ACX5096 devices. Other ACX platforms are not affected from this 
issue. This issue affects Juniper Networks Junos OS on ACX500, 
ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, 
AACX5096: 18.4 version 18.4R3-S7 and later versions prior to 
18.4R3-S8. This issue does not affect: Juniper Networks Junos 
OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, 
ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096. 


juniper -- junos_os


A Protection Mechanism Failure vulnerability in RPD (routing
protocol daemon) of Juniper Networks Junos OS and Junos OS
Evolved allows an adjacent unauthenticated attacker to cause
established IS-IS adjacencies to go down by sending a spoofed
hello PDU leading to a Denial of Service (DoS) condition.
Continued receipt of these spoofed PDUs will create a
sustained Denial of Service (DoS) condition. This issue affects:
Juniper Networks Junos OS All versions prior to 18.2R3-S8; 18.3
versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9;
19.1 versions prior to 19.1R3-S7; 19.2 versions prior to
19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2;
19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2
versions prior to 20.2R3; 20.3 versions prior to 20.3R3; 20.4
versions prior to 20.4R2. Juniper Networks Junos OS Evolved All
versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO.


2021-10-19


not yet
calculated


CVE-2021-31353
CONFIRM


juniper -- junos_os


2021-10-19


not yet
calculated


CVE-2021-31375
CONFIRM


juniper -- junos_os


not yet
calculated


CVE-2021-31376
CONFIRM


not yet
calculated


CVE-2021-31362
CONFIRM
juniper -- junos_os


A Protection Mechanism Failure vulnerability in the J-Web HTTP 
service of Juniper Networks Junos OS allows a remote 
unauthenticated attacker to perform Person-in-the-Middle (PitM) 
attacks against the device. This issue affects: Juniper Networks 
Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior 
to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions 
prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 
versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 
19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3- 
S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 
20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 
21.1R3; 21.2 versions prior to 21.2R2. 


2021-10-19 


not yet 
calculated 


CVE-2021-31386 
CONFIRM 








juniper -- junos_os 


An Improper Limitation of a Pathname to a Restricted Directory 
(‘Path Traversal’) vulnerability in J-Web of Juniper Networks Junos 
OS allows any low-privileged authenticated attacker to elevate 
their privileges to root. This issue affects: Juniper Networks Junos 
OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 
15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior 
to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions 
prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 
19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2,
20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions
prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 
versions prior to 21.1R1-S1, 21.1R2. 


2021-10-19 


not yet 
calculated 


CVE-2021-31385 
CONFIRM 








juniper -- junos_os 


A command injection vulnerability in sftp command processing on 
Juniper Networks Junos OS Evolved allows an attacker with 
authenticated CLI access to be able to bypass configured access 
protections to execute arbitrary shell commands within the context 
of the current user. The vulnerability allows an attacker to bypass 
command authorization restrictions assigned to their specific user 
account and execute commands that are available to the privilege 
level for which the user is assigned. For example, a user that is in 
the super-user login class, but restricted to executing specific CLI 
commands could exploit the vulnerability to execute any other 
command available to an unrestricted admin user. This 
vulnerability does not increase the privilege level of the user, but 
rather bypasses any CLI command restrictions by allowing full 
access to the shell. This issue affects Juniper Networks Junos OS 
Evolved: All versions prior to 20.4R2-S2-EVO; 21.1 versions prior 
to 21.1R2-EVO; 21.2 versions prior to 21.2R1-S1-EVO, 21.2R2- 
EVO. 


2021-10-19 


not yet 
calculated 


CVE-2021-31358 
CONFIRM 








juniper -- junos_os 


An Improper Check for Unusual or Exceptional Conditions in 
packet processing on the MS-MPC/MS-MIC utilized by Juniper 
Networks Junos OS allows a malicious attacker to send a specific 
packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial 
of Service (DoS). Continued receipt and processing of this packet 
will create a sustained Denial of Service (DoS) condition. This 
issue only affects specific versions of Juniper Networks Junos OS 
on MX Series: 17.3R3-S11; 17.4R2-S13; 17.4R3 prior to 17.4R3- 
S5; 18.1R3-S12; 18.2R2-S8, 18.2R3-S7, 18.2R3-S8; 18.3R3-S4; 
18.4R3-S7; 19.1R3-S4, 19.1R3-S5; 19.2R1-S6; 19.3R3-S2; 
19.4R2-S4, 19.4R2-S5; 19.4R3-S2; 20.1R2-S1; 20.2R2-S2, 
20.2R2-S3, 20.2R3; 20.3R2, 20.3R2-S1; 20.4R1, 20.4R1-S1, 
20.4R2; 21.1R1. This issue does not affect any version of Juniper
Networks Junos OS prior to 15.1X49-D240.


2021-10-19 


not yet 
calculated 


CVE-2021-31351 
CONFIRM 








juniper -- junos_os 











A local privilege escalation vulnerability in Juniper Networks Junos 
OS and Junos OS Evolved allows a local, low-privileged user to 
cause the Juniper DHCP daemon (jdhcpd) process to crash, 
resulting in a Denial of Service (DoS), or execute arbitrary 
commands as root. Continued processing of malicious input will 
repeatedly crash the system and sustain the Denial of Service 
(DoS) condition. This issue affects: Juniper Networks Junos OS: 
All versions, including the following supported releases: 15.1 
versions prior to 15.1R7-S10; 17.4 versions prior to 17.4R3-S5; 
18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3- 
S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 
19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3- 
S3; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 
20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 
versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 
20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. Juniper 
Networks Junos OS Evolved: All versions prior to 20.4R2-S3- 
EVO; All versions of 21.1-EVO. 








2021-10-19 





not yet 
calculated 








CVE-2021-31359 
CONFIRM 
juniper -- junos_os


An Improper Privilege Management vulnerability in the gRPC 
framework, used by the Juniper Extension Toolkit (JET) API on 
Juniper Networks Junos OS and Junos OS Evolved, allows a 
network-based, low-privileged authenticated attacker to perform 
operations as root, leading to complete compromise of the 
targeted system. The issue is caused by the JET service daemon 
(jsd) process authenticating the user, then passing configuration 
operations directly to the management daemon (mgd) process, 
which runs as root. This issue affects Juniper Networks Junos OS: 
18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 
versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 
19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3- 
S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 
versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 
20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 
20.4 versions prior to 20.4R2. This issue does not affect Juniper 
Networks Junos OS versions prior to 18.4R1. Juniper Networks 
Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO 
versions prior to 21.1R2-EVO. 


2021-10-19 


not yet 
calculated 


CVE-2021-31350 
CONFIRM 








juniper -- junos_os 


A command injection vulnerability in tcpdump command 
processing on Juniper Networks Junos OS Evolved allows an 
attacker with authenticated CLI access to be able to bypass 
configured access protections to execute arbitrary shell 
commands within the context of the current user. The vulnerability 
allows an attacker to bypass command authorization restrictions 
assigned to their specific user account and execute commands 
that are available to the privilege level for which the user is
assigned. For example, a user that is in the super-user login class,
but restricted to executing specific CLI commands could exploit
the vulnerability to execute any other command available to an 
unrestricted admin user. This vulnerability does not increase the 
privilege level of the user, but rather bypasses any CLI command 
restrictions by allowing full access to the shell. This issue affects 
Juniper Networks Junos OS Evolved: All versions prior to
20.3R2-S1-EVO; 20.4 versions prior to 20.4R2-S2-EVO; 21.1 versions
prior to 21.1R2-EVO; 21.2 versions prior to 21.2R1-S1-EVO, 
21.2R2-EVO. 


2021-10-19 


not yet 
calculated 


CVE-2021-31357 
CONFIRM 








juniper -- junos_os 








A command injection vulnerability in command processing on 
Juniper Networks Junos OS Evolved allows an attacker with 
authenticated CLI access to be able to bypass configured access 
protections to execute arbitrary shell commands within the context 
of the current user. The vulnerability allows an attacker to bypass 
command authorization restrictions assigned to their specific user 
account and execute commands that are available to the privilege 
level for which the user is assigned. For example, a user that is in 
the super-user login class, but restricted to executing specific CLI 
commands could exploit the vulnerability to execute any other 
command available to an unrestricted admin user. This 
vulnerability does not increase the privilege level of the user, but 
rather bypasses any CLI command restrictions by allowing full 
access to the shell. This issue affects Juniper Networks Junos OS 
Evolved: All versions prior to 20.4R3-S1-EVO; All versions of 
21.1-EVO and 21.2-EVO. 











2021-10-19 





not yet 
calculated 





CVE-2021-31356 
CONFIRM 
juniper -- junos_os


An Improper Check for Unusual or Exceptional Conditions 
vulnerability combined with Improper Handling of Exceptional 
Conditions in Juniper Networks Junos OS on QFX Series and 
PTX Series allows an unauthenticated network based attacker to 
cause increased FPC CPU utilization by sending specific IP 
packets which are being VXLAN encapsulated leading to a partial 
Denial of Service (DoS). Continued receipt of this specific
traffic will create a sustained Denial of Service (DoS) condition.
This issue affects: Juniper Networks Junos OS on QFX Series: All 
versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 
17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior 
to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 
versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions 
prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 
19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 
versions prior to 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 
20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 
versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS 
on PTX Series: All versions prior to 18.4R3-S9; 19.1 versions prior 
to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 
versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 
19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3; 
20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2- 
S1, 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 
versions prior to 21.1R1-S1, 21.1R2. 


2021-10-19 


not yet 
calculated 


CVE-2021-31361 
CONFIRM 








juniper -- junos_os 


Due to a Missing Authorization weakness and Insufficient 
Granularity of Access Control in a specific device configuration, a 
vulnerability exists in Juniper Networks Junos OS on SRX Series 
whereby an attacker who attempts to access J-Web administrative 
interfaces can successfully do so from any device interface 
regardless of the web-management configuration and filter rules 
which may otherwise protect access to J-Web. This issue affects: 
Juniper Networks Junos OS SRX Series 20.4 version 20.4R1 and 
later versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 
21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks 
Junos OS versions prior to 20.4R1. 


2021-10-19 


not yet 
calculated 


CVE-2021-31384 
MISC 








juniper -- junos_os 


In an MPLS P2MP environment a Loop with Unreachable Exit 
Condition vulnerability in the routing protocol daemon (RPD) of 
Juniper Networks Junos OS and Junos OS Evolved allows an 
unauthenticated adjacent attacker to cause high load on RPD 
which in turn may lead to routing protocol flaps. If a system with 
sensor-based-stats enabled receives a specific LDP FEC this can 
lead to the above condition. Continued receipt of such an LDP
FEC will create a sustained Denial of Service (DoS) condition. 
This issue affects: Juniper Networks Junos OS 19.2 version 
19.2R2 and later versions prior to 19.2R3-S3; 19.3 versions prior 
to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 
19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 
20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 versions prior to 
20.3R1-S2, 20.3R2. This issue does not affect Juniper Networks 
Junos OS versions prior to 19.2R2. Juniper Networks Junos OS 
Evolved All versions prior to 20.1R2-S3-EVO; 20.3 versions prior 
to 20.3R1-S2-EVO. 


2021-10-19 


not yet 
calculated 


CVE-2021-31363 
CONFIRM 








juniper -- junos_os 








An Improper Check for Unusual or Exceptional Conditions 
vulnerability combined with a Race Condition in the flow daemon 
(flowd) of Juniper Networks Junos OS on SRX300 Series, 
SRX500 Series, SRX1500, and SRX5000 Series with SPC2 
allows an unauthenticated network based attacker sending 
specific traffic to cause a crash of the flowd/srxpfe process, 
responsible for traffic forwarding in SRX, which will cause a Denial 
of Service (DoS). Continued receipt and processing of this specific 
traffic will create a sustained Denial of Service (DoS) condition. 
This issue can only occur when specific packets are trying to 
create the same session and logging for session-close is 
configured as a policy action. Affected platforms are: SRX300 
Series, SRX500 Series, SRX1500, and SRX5000 Series with 
SPC2. Not affected platforms are: SRX4000 Series, SRX5000 
Series with SPC3, and vSRX Series. This issue affects Juniper 
Networks Junos OS SRX300 Series, SRX500 Series, SRX1500, 
and SRX5000 Series with SPC2: All versions prior to 17.4R3-S5; 
18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3- 
S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 
19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3- 
S2; 19.4 versions prior to 19.4R1-S4, 19.4R3-S3; 20.1 versions 
prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 
versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to
20.4R2.








2021-10-19 





not yet 
calculated 





CVE-2021-31364 
CONFIRM 
juniper -- junos_os


An Unchecked Return Value vulnerability in the authd
(authentication daemon) of Juniper Networks Junos OS on MX
Series configured for subscriber management / BBE allows an
adjacent attacker to cause a crash by sending a specific
username. This impacts authentication, authorization, and
accounting (AAA) services on the MX devices and leads to a
Denial of Service (DoS) condition. Continued receipt of these
PPP login requests will create a sustained Denial of Service (DoS)
condition. This issue affects: Juniper Networks Junos OS 15.1
versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12;
17.4 versions prior to 17.4R3-S5; 18.1 versions prior to
18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to
18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior
to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3
versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to
19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to
20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to
20.4R3; 21.1 versions prior to 21.1R2.


2021-10-19


not yet
calculated


CVE-2021-31366
CONFIRM


A Missing Release of Memory after Effective Lifetime vulnerability
in the Packet Forwarding Engine (PFE) of Juniper Networks Junos
OS on PTX Series allows an adjacent attacker to cause a Denial
of Service (DoS) by sending genuine BGP flowspec packets which
cause an FPC heap memory leak. Once having run out of memory
the FPC will crash and restart along with a core dump. Continued
receipt of these packets will create a sustained Denial of
Service (DoS) condition. This issue affects: Juniper Networks
Junos OS All versions prior to 18.4R3-S9; 19.1 versions prior to
19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3
versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to
19.4R1-S4, 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3;
20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3;
20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2.
Juniper Networks Junos Evolved is not affected.


2021-10-19


An Uncontrolled Resource Consumption vulnerability in the kernel
of Juniper Networks JUNOS OS allows an unauthenticated
network based attacker to cause 100% CPU load and the device
to become unresponsive by sending a flood of traffic to the
out-of-band management ethernet port. Continued receipt of a flood
will create a sustained Denial of Service (DoS) condition. Once
the flood subsides the system will recover by itself. An indication
that the system is affected by this issue would be that kernel and
netisr process are shown to be using a lot of CPU cycles like in
the following example output:

    user@host> show system processes extensive
    ...
    PID USERNAME PRI NICE SIZE  RES STATE C   TIME   WCPU COMMAND
     16 root     -72    -   0K 304K WAIT  1 839:40 88.96% intr{swi1: netisr 0}
      0 root      97    -   0K 160K RUN   1 732:43 87.99% kernel{bcm560xgmac0 que}

This issue affects
Juniper Networks JUNOS OS on EX2300 Series, EX3400 Series,
and ACX710: All versions prior to 18.1R3-S13; 18.2 versions prior
to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions
prior to 18.4R2-S8, 18.4R3-S9; 19.1 versions prior to 19.1R3-S5;
19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior
to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4,
19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2
versions prior to 20.2R3; 20.3 versions prior to 20.3R2-S1,
20.3R3; 20.4 versions prior to 20.4R2.


2021-10-19


juniper -- junos_os


On MX Series platforms with MS-MPC/MS-MIC, an Allocation of
Resources Without Limits or Throttling vulnerability in Juniper
Networks Junos OS allows an unauthenticated network attacker to
cause a partial Denial of Service (DoS) with a high rate of specific
traffic. If a Class of Service (CoS) rule is attached to the
service-set and a high rate of specific traffic is processed by this
service-set, drops will be observed for some of the other traffic
which has services applied and is being processed by this
MS-MPC/MS-MIC. Continued receipt of this high rate of specific
traffic will create a sustained Denial of Service (DoS) condition.
This issue affects:
Juniper Networks Junos OS on MX Series with MS-MPC/MS-MIC:
All versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5;
18.4 versions prior to 18.4R3-S9; 19.1 versions prior to
19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions
prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5;
20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior
to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to
20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.








juniper -- junos_os


not yet
calculated


CVE-2021-31367
CONFIRM


juniper -- junos_os


not yet
calculated


CVE-2021-31368
CONFIRM


2021-10-19


not yet
calculated


CVE-2021-31369
CONFIRM
juniper -- junos_os


An Incomplete List of Disallowed Inputs vulnerability in Packet
Forwarding Engine (PFE) of Juniper Networks Junos OS on
QFX5000 Series and EX4600 Series allows an adjacent
unauthenticated attacker who sends a high rate of specific
multicast traffic to cause control traffic received from the network
to be dropped. This will impact control protocols (including but not
limited to routing-protocols) and lead to a Denial of Service (DoS).
Continued receipt of this specific multicast traffic will create a
sustained Denial of Service (DoS) condition. This issue affects
Juniper Networks Junos OS on QFX5000 and EX4600 Series: All
versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5;
18.3 versions prior to 18.3R3-S5; 18.4 versions prior to
18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to
19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6,
19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S3; 20.1 versions
prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2;
20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2,
20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.


2021-10-19


not yet
calculated


CVE-2021-31370
CONFIRM


juniper -- junos_os


A persistent cross-site scripting (XSS) vulnerability in the captive
portal graphical user interface of Juniper Networks Junos OS may
allow a remote authenticated user to inject web script or HTML
and steal sensitive data and credentials from a web administration
session, possibly tricking a follow-on administrative user into
performing administrative actions on the device. This issue affects
Juniper Networks Junos OS: All versions, including the following
supported releases: 12.3X48 versions prior to 12.3X48-D105;
15.1X49 versions prior to 15.1X49-D220; 18.3 versions prior to
18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior
to 19.1R3-S7; 19.2 versions prior to 19.2R3-S3; 19.3 versions
prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1
versions prior to 20.1R3; 20.2 versions prior to 20.2R1-S1,
20.2R2; 20.3 versions prior to 20.3R2; 20.4 versions prior to
20.4R2; 21.1 versions prior to 21.1R2.


2021-10-19


juniper -- junos_os


A vulnerability in the processing of TCP MD5 authentication in
Juniper Networks Junos OS Evolved may allow a BGP or LDP
session configured with MD5 authentication to succeed, even if
the peer does not have TCP MD5 authentication enabled. This
could lead to untrusted or unauthorized sessions being
established, resulting in an impact on confidentiality or stability of
the network. This issue affects Juniper Networks Junos OS
Evolved: All versions prior to 20.3R2-S1-EVO; 20.4 versions prior
to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO. Juniper
Networks Junos OS is not affected by this issue.








not yet
calculated


CVE-2021-31355
CONFIRM


2021-10-19


not yet
calculated


CVE-2021-0297
CONFIRM








juniper -- junos_os


An Improper Handling of Exceptional Conditions vulnerability in
the processing of a transit or directly received malformed IPv6
packet in Juniper Networks Junos OS results in a kernel crash,
causing the device to restart, leading to a Denial of Service (DoS).
Continued receipt and processing of this packet will create a
sustained Denial of Service (DoS) condition. This issue only
affects systems with IPv6 configured. Devices with only IPv4
configured are not vulnerable to this issue. This issue affects
Juniper Networks Junos OS: 19.4 versions prior to 19.4R3; 20.1
versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1,
20.2R2. This issue does not affect Juniper Networks Junos OS
versions prior to 19.4R1.


2021-10-19


not yet
calculated


CVE-2021-0299
CONFIRM
In broadband environments, including but not limited to Enhanced
Subscriber Management, (CHAP, PPP, DHCP, etc.), on Juniper
Networks Junos OS devices where RADIUS servers are
configured for managing subscriber access and a subscriber is
logged in and then requests to logout, the subscriber may be
forced into a "Terminating" state by an attacker who is able to
send spoofed messages appearing to originate from trusted
RADIUS server(s) destined to the device in response to the
subscriber's request. These spoofed messages cause the Junos
OS General Authentication Service (authd) daemon to force the
broadband subscriber into this "Terminating" state which the
subscriber will not recover from thereby causing a Denial of
Service (DoS) to the endpoint device. Once in the "Terminating"
state, the endpoint subscriber will no longer be able to access the
network. Restarting the authd daemon on the Junos OS device
will temporarily clear the subscribers out of the "Terminating"
state. As long as the attacker continues to send these spoofed
packets and subscribers request to be logged out, the subscribers
will be returned to the "Terminating" state thereby creating a
persistent Denial of Service to the subscriber. An indicator of
compromise may be seen by displaying the output of "show
subscribers summary". The presence of subscribers in the
"Terminating" state may indicate the issue is occurring. This issue
affects: Juniper Networks Junos OS 17.3 versions prior to
17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to
18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior
to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S9; 19.1
versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7,
19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4
versions prior to 19.4R1-S4, 19.4R1-S4, 19.4R3-S3; 20.1 versions
prior to 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions
prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior
to 21.1R2. This issue does not affect: Juniper Networks Junos OS
12.3 version 12.3R1 and later versions; 15.1 version 15.1R1 and
later versions.


2021-10-19


not yet
calculated


CVE-2021-31378
MISC
CONFIRM


On PTX1000 System, PTX10002-60C System, after upgrading to
an affected release, a Race Condition vulnerability between the
chassis daemon (chassisd) and firewall process (dfwd) of Juniper
Networks Junos OS, may update the device's interfaces with
incorrect firewall filters. This issue only occurs when upgrading the
device to an affected version of Junos OS. Interfaces intended to
have protections may have no protections assigned to them.
Interfaces with one type of protection pattern may have alternate
protections assigned to them. Interfaces intended to have no
protections may have protections assigned to them. These firewall
rule misassignments may allow genuine traffic intended to be
stopped at the interface to propagate further, potentially causing
disruptions in services by propagating unwanted traffic. An
attacker may be able to take advantage of these misassignments.
This issue affects Juniper Networks Junos OS on PTX1000
System: 17.2 versions 17.2R1 and later versions prior to 17.3
versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5;
18.1 versions prior to 18.1R3-S13; 18.2 versions prior to
18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to
18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to
19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to
19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R2-S4,
19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to
20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4
versions prior to 20.4R1-S1, 20.4R2. This issue does not affect
Juniper Networks Junos OS prior to version 17.2R1 on PTX1000
System. This issue affects Juniper Networks Junos OS on
PTX10002-60C System: 18.2 versions 18.2R1 and later versions
prior to 18.4 versions prior to 18.4R3-S9; 19.1 versions later than
19.1R1 prior to 19.4 versions prior to 19.4R2-S5, 19.4R3-S5; 20.1
versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2;
20.3 versions prior to 20.3R3-S1; 20.4 versions 20.4R1 and later
versions prior to 21.1 versions prior to 21.1R2; 21.2 versions
21.2R1 and later versions prior to 21.3 versions prior to 21.3R2.
This issue does not affect Juniper Networks Junos OS prior to
version 18.2R1 on PTX10002-60C System. This issue impacts all
filter families (inet, inet6, etc.) and all loopback filters. It does not
rely upon the location where a filter is set, impacting both logical
and physical interfaces.


2021-10-19


not yet
calculated


CVE-2021-31382
CONFIRM
MISC


juniper -- junos_os 








juniper -- junos_os 
juniper -- junos_os


In Point to MultiPoint (P2MP) scenarios within established 
sessions between network or adjacent neighbors the improper use 
of a source to destination copy write operation combined with a 
Stack-based Buffer Overflow on certain specific packets 
processed by the routing protocol daemon (RPD) of Juniper 
Networks Junos OS and Junos OS Evolved sent by a remote 
unauthenticated network attacker causes the RPD to crash 
causing a Denial of Service (DoS). Continued receipt and 
processing of these packets will create a sustained Denial of 
Service (DoS) condition. This issue affects: Juniper Networks 
Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 
19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2- 
S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 
versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 
20.3R2. This issue does not affect Juniper Networks Junos OS 
versions prior to 19.2R1. Juniper Networks Junos OS Evolved 
20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3- 
EVO; 20.3 versions prior to 20.3R2-EVO. 


2021-10-19 


not yet 
calculated 


CVE-2021-31383 
CONFIRM 








juniper -- junos_os 


An Out Of Bounds (OOB) access vulnerability in the handling of 
responses by a Juniper Agile License (JAL) Client in Juniper 
Networks Junos OS and Junos OS Evolved, configured in 
Network Mode (to use Juniper Agile License Manager) may allow 
an attacker to cause a partial Denial of Service (DoS), or lead to 
remote code execution (RCE). The vulnerability exists in the 
packet parsing logic on the client that processes the response 
from the server using a custom protocol. An attacker with control 
of a JAL License Manager, or with access to the local broadcast 
domain, may be able to spoof a new JAL License Manager and/or 
craft a response to the Junos OS License Client, leading to 
exploitation of this vulnerability. This issue only affects Junos 
systems configured in Network Mode. Systems that are configured 
in Standalone Mode (the default mode of operation for all 
systems) are not vulnerable to this issue. This issue affects: 
Juniper Networks Junos OS: 19.2 versions prior to 19.2R3-S3; 
19.3 versions prior to 19.3R3-S3; 20.1 versions prior to 20.1R2-S2,
20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions
prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior 
to 21.1R2. Juniper Networks Junos OS Evolved: version 20.1R1- 
EVO and later versions, prior to 21.2R2-EVO. This issue does not 
affect Juniper Networks Junos OS versions prior to 19.2R1. 


2021-10-19 


not yet 
calculated 


CVE-2021-31354 
CONFIRM 








kiwi -- cattools_installation_wizard 


As a result of an unquoted service path vulnerability present in the 
Kiwi CatTools Installation Wizard, a local attacker could gain 
escalated privileges by inserting an executable into the path of the 
affected service or uninstall entry. 


2021-10-22 


not yet 
calculated 


CVE-2021-35230 
MISC 








libmobi -- libmobi 


libmobi is vulnerable to Use of Out-of-range Pointer Offset 


2021-10-19 


not yet 
calculated 





CVE-2021-3889 
CONFIRM 
MISC 








libmobi -- libmobi 


libmobi is vulnerable to Use of Out-of-range Pointer Offset 


2021-10-19 


not yet 
calculated 





CVE-2021-3888 
MISC 
CONFIRM 








linux -- linux_kernel 


dp_link_settings_write in 
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c 
in the Linux kernel through 5.14.14 allows a heap-based buffer 
overflow by an attacker who can write a string to the AMD GPU 
display drivers debug filesystem. There are no checks on size 
within parse_write_buffer_into_params when it uses the size of 
copy_from_user to copy a userspace buffer into a 40-byte heap 
buffer. 


2021-10-21 


not yet 
calculated 


CVE-2021-42327 
MISC 
MISC 








linux -- linux_kernel 


The firewire subsystem in the Linux kernel through 5.14.13 has a 
buffer overflow related to drivers/media/firewire/firedtv-avc.c and 
drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt 
mishandles bounds checking. 


2021-10-20 


not yet 
calculated 


CVE-2021-42739 
MISC 
MISC 








macrob7 -- macs_framework_content_management


Macrob7 Macs Framework Content Management System - 1.14f was
discovered to contain a SQL injection vulnerability via the
'roleId' parameter of the 'editRole' and 'deletUser' modules.


2021-10-22 


not yet 
calculated 





CVE-2020-23045 
MISC 








macrob7 -- macs_framework_content_management


Macrob7 Macs Framework Content Management System - 1.14f
contains a cross-site scripting (XSS) vulnerability in the account
reset function, which allows attackers to execute arbitrary web
scripts or HTML via a crafted payload in the e-mail input field.


2021-10-22 


not yet 
calculated 


CVE-2020-36498 
MISC 








macrob7 -- macs_framework_content_management


Macrob7 Macs Framework Content Management System - 1.14f was
discovered to contain a cross-site scripting (XSS) vulnerability
in the search input field of the search module.











2021-10-22 


not yet 
calculated 











CVE-2020-23047 
MISC 
mcafee -- epolicy_orchestrator


Stored Cross-Site Scripting vulnerability in McAfee ePolicy 
Orchestrator (ePO) prior to 5.10 Update 11 allows ePO 
administrators to inject arbitrary web script or HTML via multiple 
parameters where the administrator's entries were not correctly 
sanitized. 


2021-10-22 


not yet 
calculated 


CVE-2021-31834 
CONFIRM 








mcafee -- epolicy_orchestrator 


Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator 
(ePO) prior to 5.10 Update 11 allows ePO administrators to inject 
arbitrary web script or HTML via a specific parameter where the 
administrator's entries were not correctly sanitized. 


2021-10-22 


not yet 
calculated 


CVE-2021-31835 
CONFIRM 








media_navi_inc -- smacom 


MEDIA NAVI Inc SMACom v1.2 was discovered to contain an 
insecure session validation vulnerability in the session handling of 
the ‘password’ authentication parameter of the wifi photo transfer 
module. This vulnerability allows attackers with network access 
privileges or on public wifi networks to read the authentication 
credentials and follow-up requests containing the user password 
via a man in the middle attack. 


2021-10-22 


not yet 
calculated 


CVE-2020-23036 
MISC 








microsoft -- surface_pro_3 


Microsoft Surface Pro 3 Security Feature Bypass Vulnerability 


2021-10-20 


not yet 
calculated 


CVE-2021-42299 
MISC 








modern-async -- modern-async 


modern-async is an open source JavaScript tooling library for 
asynchronous operations using async/await and promises. In 
affected versions, a bug affects two of the functions in this library:
forEachSeries and forEachLimit. They should limit the 
concurrency of some actions but, in practice, they don't. Any code 
calling these functions will be written thinking they would limit the 
concurrency but they won't. This could lead to potential security 
issues in other projects. The problem has been patched in 1.0.4. 
There is no workaround. 


2021-10-20 


not yet 
calculated 


CVE-2021-41167 
MISC 

MISC 

CONFIRM 








nong_ge -- file_explorer 


An issue in the authentication mechanism in Nong Ge File
Explorer v1.4 allows unauthenticated access to sensitive data.


2021-10-22 


not yet 
calculated 





CVE-2020-23058 
MISC 








nsk -- 
user_agent_string_switcher_service 


A cross-site scripting (XSS) vulnerability in NSK User Agent String 
Switcher Service v0.3.5 allows attackers to execute arbitrary web 
scripts or HTML via a crafted payload in the user agent input field. 


2021-10-22 


not yet 
calculated 





CVE-2020-23054 
MISC 








openpower -- openpower


An issue was discovered in OpenPOWER 2.6 firmware. 
unpack_timestamp() calls le32_to_cpu() for endian conversion of 
a uint16_t "year" value, resulting in a type mismatch that can 
truncate a higher integer value to a smaller one, and bypass a 
timestamp check. The fix is to use the right endian conversion 
function. 


2021-10-22 


not yet 
calculated 


CVE-2021-36357 
MISC 








oracle -- communications 


Vulnerability in the Oracle Communications Interactive Session 
Recorder product of Oracle Communications (component: 
Provision API). The supported version that is affected is 6.4. 
Easily exploitable vulnerability allows unauthenticated attacker 
with network access via HTTP to compromise Oracle 
Communications Interactive Session Recorder. While the 
vulnerability is in Oracle Communications Interactive Session 
Recorder, attacks may significantly impact additional products. 
Successful attacks of this vulnerability can result in unauthorized 
update, insert or delete access to some of Oracle 
Communications Interactive Session Recorder accessible data as 
well as unauthorized read access to a subset of Oracle 
Communications Interactive Session Recorder accessible data 
and unauthorized ability to cause a partial denial of service (partial 
DOS) of Oracle Communications Interactive Session Recorder. 
CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-2461 
MISC 








oracle -- communications 











Vulnerability in the Oracle Communications Session Border 
Controller product of Oracle Communications (component: 
Routing). Supported versions that are affected are 8.4 and 9.0. 
Easily exploitable vulnerability allows high privileged attacker with 
network access via HTTP to compromise Oracle Communications 
Session Border Controller. While the vulnerability is in Oracle 
Communications Session Border Controller, attacks may 
significantly impact additional products. Successful attacks of this 
vulnerability can result in unauthorized access to critical data or 
complete access to all Oracle Communications Session Border 
Controller accessible data. CVSS 3.1 Base Score 6.8 
(Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). 








2021-10-20 





not yet 
calculated 








CVE-2021-2414 
MISC 




oracle -- communications


Vulnerability in the Oracle Communications Session Border
Controller product of Oracle Communications (component:
Routing). Supported versions that are affected are 8.4 and 9.0.
Easily exploitable vulnerability allows high privileged attacker with
network access via HTTP to compromise Oracle Communications
Session Border Controller. Successful attacks of this vulnerability
can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of Oracle Communications
Session Border Controller. CVSS 3.1 Base Score 4.9 (Availability
impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


2021-10-20


not yet
calculated


CVE-2021-2416
MISC




oracle -- database_server


Vulnerability in the RDBMS Security component of Oracle
Database Server. Supported versions that are affected are
12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows high
privileged attacker having DBA privilege with network access via
Oracle Net to compromise RDBMS Security. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of RDBMS
Security as well as unauthorized update, insert or delete access to
some of RDBMS Security accessible data. CVSS 3.1 Base Score
5.5 (Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).


2021-10-20


not yet
calculated


CVE-2021-35551
MISC




oracle -- database_server


Vulnerability in the Oracle LogMiner component of Oracle
Database Server. Supported versions that are affected are
12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows
high privileged attacker having DBA privilege with network access
via Oracle Net to compromise Oracle LogMiner. Successful
attacks of this vulnerability can result in unauthorized creation,
deletion or modification access to critical data or all Oracle
LogMiner accessible data as well as unauthorized read access to
a subset of Oracle LogMiner accessible data and unauthorized
ability to cause a hang or frequently repeatable crash (complete
DOS) of Oracle LogMiner. CVSS 3.1 Base Score 6.7
(Confidentiality, Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H).


2021-10-20


not yet
calculated


CVE-2021-2332
MISC




oracle -- database_server


Vulnerability in the Core RDBMS component of Oracle Database
Server. Supported versions that are affected are 12.1.0.2,
12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low
privileged attacker having Create Table privilege with network
access via Oracle Net to compromise Core RDBMS. Successful
attacks of this vulnerability can result in unauthorized ability to
cause a partial denial of service (partial DOS) of Core RDBMS.
CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).


2021-10-20


not yet
calculated


CVE-2021-35558
MISC




oracle -- database_server


Vulnerability in the Oracle Database Enterprise Edition Unified
Audit component of Oracle Database Server. Supported versions
that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable
vulnerability allows high privileged attacker having Local Logon
privilege with network access via Oracle Net to compromise
Oracle Database Enterprise Edition Unified Audit. Successful
attacks of this vulnerability can result in unauthorized update,
insert or delete access to some of Oracle Database Enterprise
Edition Unified Audit accessible data. CVSS 3.1 Base Score 2.7
(Integrity impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).


2021-10-20


not yet
calculated


CVE-2021-35576
MISC




oracle -- database_server


Vulnerability in the Zero Downtime DB Migration to Cloud
component of Oracle Database Server. The supported version
that is affected is 21c. Easily exploitable vulnerability allows high
privileged attacker having Local Logon privilege with logon to the
infrastructure where Zero Downtime DB Migration to Cloud
executes to compromise Zero Downtime DB Migration to Cloud.
While the vulnerability is in Zero Downtime DB Migration to Cloud,
attacks may significantly impact additional products. Successful
attacks of this vulnerability can result in takeover of Zero
Downtime DB Migration to Cloud. CVSS 3.1 Base Score 8.2
(Confidentiality, Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).


2021-10-20


not yet
calculated


CVE-2021-35599
MISC




oracle -- database_server


Vulnerability in the Java VM component of Oracle Database 
Server. Supported versions that are affected are 12.1.0.2, 
12.2.0.1, 19c and 21c. Difficult to exploit vulnerability allows low 
privileged attacker having Create Procedure privilege with network 
access via Oracle Net to compromise Java VM. Successful 
attacks require human interaction from a person other than the 
attacker. Successful attacks of this vulnerability can result in 
takeover of Java VM. CVSS 3.1 Base Score 7.1 (Confidentiality, 
Integrity and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).


2021-10-20 


not yet 
calculated 


CVE-2021-35619 
MISC 








oracle -- database_server 


Vulnerability in the Core RDBMS component of Oracle Database 
Server. Supported versions that are affected are 12.1.0.2, 
12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low 
privileged attacker having Create Table privilege with network 
access via Oracle Net to compromise Core RDBMS. Successful 
attacks of this vulnerability can result in unauthorized ability to 
cause a partial denial of service (partial DOS) of Core RDBMS. 
CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-35557 
MISC 








oracle -- e-business_suite


Vulnerability in the Oracle Applications Framework product of 
Oracle E-Business Suite (component: Session Management). 
Supported versions that are affected are 12.1.3 and 12.2.3- 
12.2.10. Easily exploitable vulnerability allows unauthenticated 
attacker with network access via HTTP to compromise Oracle 
Applications Framework. Successful attacks of this vulnerability 
can result in unauthorized ability to cause a partial denial of 
service (partial DOS) of Oracle Applications Framework. CVSS 
3.1 Base Score 5.3 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20 


not yet 
calculated 


CVE-2021-2477 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Universal Work Queue product of 
Oracle E-Business Suite (component: Work Provider Site Level 
Administration). Supported versions that are affected are 12.1.1- 
12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows 
low privileged attacker with network access via HTTP to 
compromise Oracle Universal Work Queue. Successful attacks of 
this vulnerability can result in unauthorized creation, deletion or 
modification access to critical data or all Oracle Universal Work 
Queue accessible data as well as unauthorized access to critical 
data or complete access to all Oracle Universal Work Queue 
accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and 
Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35562 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Applications Manager product of Oracle 
E-Business Suite (component: Diagnostics). Supported versions 
that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable 
vulnerability allows high privileged attacker with network access 
via HTTP to compromise Oracle Applications Manager. 
Successful attacks of this vulnerability can result in unauthorized 
access to critical data or complete access to all Oracle 
Applications Manager accessible data. CVSS 3.1 Base Score 4.9 
(Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35569 
MISC 








oracle -- e-business_suite 











Vulnerability in the Oracle Applications Manager product of Oracle 
E-Business Suite (component: View Reports). Supported versions 
that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Oracle Applications Manager. Successful 
attacks require human interaction from a person other than the 
attacker and while the vulnerability is in Oracle Applications 
Manager, attacks may significantly impact additional products. 
Successful attacks of this vulnerability can result in unauthorized 
update, insert or delete access to some of Oracle Applications 
Manager accessible data as well as unauthorized read access to 
a subset of Oracle Applications Manager accessible data and 
unauthorized ability to cause a partial denial of service (partial 
DOS) of Oracle Applications Manager. CVSS 3.1 Base Score 6.5 
(Confidentiality, Integrity and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L). 








2021-10-20 





not yet 
calculated 








CVE-2021-35582 
MISC 
oracle -- e-business_suite


Vulnerability in the Oracle Shipping Execution product of Oracle E- 
Business Suite (component: Workflow Events). Supported 
versions that are affected are 12.2.6-12.2.10. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Oracle Shipping Execution. Successful 
attacks of this vulnerability can result in unauthorized creation, 
deletion or modification access to critical data or all Oracle 
Shipping Execution accessible data as well as unauthorized 
access to critical data or complete access to all Oracle Shipping 
Execution accessible data. CVSS 3.1 Base Score 8.1 
(Confidentiality and Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35563 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Applications Manager product of Oracle 
E-Business Suite (component: Diagnostics). Supported versions 
that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Oracle Applications Manager. Successful 
attacks of this vulnerability can result in unauthorized creation, 
deletion or modification access to critical data or all Oracle 
Applications Manager accessible data as well as unauthorized 
access to critical data or complete access to all Oracle 
Applications Manager accessible data. CVSS 3.1 Base Score 8.1 
(Confidentiality and Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35566 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Mobile Field Service product of Oracle 
E-Business Suite (component: Admin UI). Supported versions that 
are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily 
exploitable vulnerability allows low privileged attacker with network 
access via HTTP to compromise Oracle Mobile Field Service. 
Successful attacks of this vulnerability can result in unauthorized 
creation, deletion or modification access to critical data or all 
Oracle Mobile Field Service accessible data as well as 
unauthorized access to critical data or complete access to all 
Oracle Mobile Field Service accessible data. CVSS 3.1 Base 
Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35570 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Deal Management product of Oracle E- 
Business Suite (component: Miscellaneous). Supported versions 
that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability 
allows low privileged attacker with network access via HTTP to 
compromise Oracle Deal Management. Successful attacks of this 
vulnerability can result in unauthorized creation, deletion or 
modification access to critical data or all Oracle Deal Management 
accessible data as well as unauthorized access to critical data or 
complete access to all Oracle Deal Management accessible data. 
CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35536 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Applications Manager product of Oracle 
E-Business Suite (component: View Reports). Supported versions 
that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Applications Manager. 
Successful attacks require human interaction from a person other 
than the attacker and while the vulnerability is in Oracle 
Applications Manager, attacks may significantly impact additional 
products. Successful attacks of this vulnerability can result in 
unauthorized update, insert or delete access to some of Oracle 
Applications Manager accessible data. CVSS 3.1 Base Score 4.7 
(Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).


2021-10-20 


not yet 
calculated 


CVE-2021-35581 
MISC 








oracle -- e-business_suite 











Vulnerability in the Oracle Applications Manager product of Oracle 
E-Business Suite (component: View Reports). Supported versions 
that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Applications Manager. 
Successful attacks require human interaction from a person other 
than the attacker and while the vulnerability is in Oracle 
Applications Manager, attacks may significantly impact additional 
products. Successful attacks of this vulnerability can result in 
unauthorized update, insert or delete access to some of Oracle 
Applications Manager accessible data as well as unauthorized 
read access to a subset of Oracle Applications Manager 
accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and 
Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 








2021-10-20 





not yet 
calculated 








CVE-2021-35580 
MISC 




oracle -- e-business_suite


Vulnerability in the Oracle Trade Management product of Oracle
E-Business Suite (component: Quotes). Supported versions that
are affected are 12.1.1-12.1.3. Easily exploitable vulnerability
allows low privileged attacker with network access via HTTP to
compromise Oracle Trade Management. Successful attacks of this
vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all Oracle Trade
Management accessible data as well as unauthorized access to
critical data or complete access to all Oracle Trade Management
accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and
Integrity impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).


2021-10-20


not yet
calculated


CVE-2021-2485
MISC




oracle -- e-business_suite


Vulnerability in the Oracle Payables product of Oracle E-Business
Suite (component: Invoice Approvals). Supported versions that
are affected are 12.1.1-12.1.3. Easily exploitable vulnerability
allows low privileged attacker with network access via HTTP to
compromise Oracle Payables. Successful attacks of this
vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all Oracle Payables
accessible data as well as unauthorized access to critical data or
complete access to all Oracle Payables accessible data. CVSS
3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).


2021-10-20


not yet
calculated


CVE-2021-2482
MISC




oracle -- e-business_suite


Vulnerability in the Oracle Sales Offline product of Oracle E-
Business Suite (component: Offline Template). Supported
versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10.
Easily exploitable vulnerability allows low privileged attacker with
network access via HTTP to compromise Oracle Sales Offline.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a partial denial of service (partial DOS) of Oracle
Sales Offline. CVSS 3.1 Base Score 4.3 (Availability impacts).
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).


2021-10-20


not yet
calculated


CVE-2021-35611
MISC
MISC




oracle -- e-business_suite


Vulnerability in the Oracle Web Analytics product of Oracle E-
Business Suite (component: Admin). Supported versions that are
affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows
low privileged attacker with network access via HTTP to
compromise Oracle Web Analytics. Successful attacks of this
vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all Oracle Web Analytics
accessible data as well as unauthorized access to critical data or
complete access to all Oracle Web Analytics accessible data.
CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts).
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).


2021-10-20


not yet
calculated


CVE-2021-2474
MISC




oracle -- e-business_suite


Vulnerability in the Oracle Incentive Compensation product of
Oracle E-Business Suite (component: User Interface). Supported
versions that are affected are 12.1.1-12.1.3. Easily exploitable
vulnerability allows low privileged attacker with network access via
HTTP to compromise Oracle Incentive Compensation. Successful
attacks of this vulnerability can result in unauthorized creation,
deletion or modification access to critical data or all Oracle
Incentive Compensation accessible data as well as unauthorized
access to critical data or complete access to all Oracle Incentive
Compensation accessible data. CVSS 3.1 Base Score 8.1
(Confidentiality and Integrity impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).


2021-10-20


not yet
calculated


CVE-2021-35585
MISC




oracle -- e-business_suite


Vulnerability in the Oracle Trade Management product of Oracle
E-Business Suite (component: Quotes). Supported versions that
are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via HTTP to compromise Oracle Trade
Management. Successful attacks of this vulnerability can result in
unauthorized read access to a subset of Oracle Trade
Management accessible data. CVSS 3.1 Base Score 5.3
(Confidentiality impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).


2021-10-20


not yet
calculated


CVE-2021-35554
MISC




oracle -- e-business_suite


Vulnerability in the Oracle Content Manager product of Oracle E- 
Business Suite (component: Content Item Manager). Supported 
versions that are affected are 12.1.1-12.1.3. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Oracle Content Manager. Successful 
attacks of this vulnerability can result in unauthorized creation, 
deletion or modification access to critical data or all Oracle 
Content Manager accessible data as well as unauthorized access 
to critical data or complete access to all Oracle Content Manager 
accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and 
Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).


2021-10-20 


not yet 
calculated 


CVE-2021-2483 
MISC 








oracle -- e-business_suite 


Vulnerability in the Oracle Operations Intelligence product of 
Oracle E-Business Suite (component: BIS Operations 
Intelligence). Supported versions that are affected are 12.1.1- 
12.1.3. Easily exploitable vulnerability allows low privileged 
attacker with network access via HTTP to compromise Oracle 
Operations Intelligence. Successful attacks of this vulnerability 
can result in unauthorized creation, deletion or modification 
access to critical data or all Oracle Operations Intelligence 
accessible data as well as unauthorized access to critical data or 
complete access to all Oracle Operations Intelligence accessible 
data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-2484 
MISC 








oracle -- enterprise_manager 


Vulnerability in the Enterprise Manager Base Platform product of 
Oracle Enterprise Manager (component: Policy Framework). 
Supported versions that are affected are 13.4.0.0 and 13.5.0.0. 
Easily exploitable vulnerability allows low privileged attacker with 
network access via HTTP to compromise Enterprise Manager 
Base Platform. Successful attacks of this vulnerability can result in 
takeover of Enterprise Manager Base Platform. CVSS 3.1 Base 
Score 8.8 (Confidentiality, Integrity and Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-2137 
MISC 








oracle -- essbase 


Vulnerability in the Essbase Administration Services product of 
Oracle Essbase (component: EAS Console). The supported 
version that is affected is Prior to 11.1.2.4.046. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Essbase Administration Services. While the 
vulnerability is in Essbase Administration Services, attacks may 
significantly impact additional products. Successful attacks of this 
vulnerability can result in unauthorized access to critical data or 
complete access to all Essbase Administration Services 
accessible data as well as unauthorized update, insert or delete 
access to some of Essbase Administration Services accessible 
data. CVSS 3.1 Base Score 8.5 (Confidentiality and Integrity 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35651 
MISC 








oracle -- essbase 


Vulnerability in the Essbase Administration Services product of 
Oracle Essbase (component: EAS Console). The supported 
version that is affected is Prior to 11.1.2.4.046. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Essbase Administration Services. While 
the vulnerability is in Essbase Administration Services, attacks 
may significantly impact additional products. Successful attacks of 
this vulnerability can result in takeover of Essbase Administration 
Services. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and 
Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35652 
MISC 








oracle -- essbase 








Vulnerability in the Essbase Administration Services product of 
Oracle Essbase (component: EAS Console). The supported 
version that is affected is Prior to 11.1.2.4.046. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Essbase Administration Services. While the 
vulnerability is in Essbase Administration Services, attacks may 
significantly impact additional products. Successful attacks of this 
vulnerability can result in unauthorized access to critical data or 
complete access to all Essbase Administration Services 
accessible data. CVSS 3.1 Base Score 7.7 (Confidentiality 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 











2021-10-20 





not yet 
calculated 





CVE-2021-35653 
MISC 
oracle -- essbase


Vulnerability in the Essbase Administration Services product of 
Oracle Essbase (component: EAS Console). The supported 
version that is affected is Prior to 11.1.2.4.046. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Essbase Administration Services. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Essbase Administration Services. CVSS 3.1 Base Score 
7.5 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35654 
MISC 








oracle -- essbase 


Vulnerability in the Essbase Administration Services product of 
Oracle Essbase (component: EAS Console). The supported 
version that is affected is Prior to 11.1.2.4.046. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Essbase Administration Services. 
Successful attacks of this vulnerability can result in unauthorized 
read access to a subset of Essbase Administration Services 
accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35655 
MISC 








oracle -- fusion 


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35659 
MISC 








oracle -- fusion 


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35656 
MISC 








oracle -- fusion 








Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).








2021-10-20 





not yet 
calculated 





CVE-2021-35660 
MISC 
oracle -- fusion


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The 
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35658 
MISC 








oracle -- fusion 


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35574 
MISC 








oracle -- fusion 


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35572 
MISC 








oracle -- fusion 








Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).








2021-10-20 





not yet 
calculated 





CVE-2021-35657 
MISC 
oracle -- fusion


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The 
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35573 
MISC 








oracle -- fusion 


Vulnerability in the Oracle HTTP Server product of Oracle Fusion 
Middleware (component: Web Listener). The supported version 
that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows 
unauthenticated attacker with network access via HTTP to 
compromise Oracle HTTP Server. Successful attacks of this 
vulnerability can result in unauthorized update, insert or delete 
access to some of Oracle HTTP Server accessible data. CVSS 
3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-2480 
MISC 








oracle -- fusion 


Vulnerability in the Oracle HTTP Server product of Oracle Fusion 
Middleware (component: OSSL Module). The supported version 
that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows 
unauthenticated attacker with network access via HTTPS to 
compromise Oracle HTTP Server. Successful attacks of this 
vulnerability can result in unauthorized access to critical data or 
complete access to all Oracle HTTP Server accessible data. 
CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35666 
MISC 








oracle -- fusion 


Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35662 
MISC 








oracle -- fusion 








Vulnerability in the Oracle Outside In Technology product of 
Oracle Fusion Middleware (component: Outside In Filters). The 
supported version that is affected is 8.5.5. Easily exploitable 
vulnerability allows unauthenticated attacker with network access 
via HTTP to compromise Oracle Outside In Technology. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Outside In Technology. Note: Outside In 
Technology is a suite of software development kits (SDKs). The
protocol and CVSS Base Score depend on the software that uses 
Outside In Technology. The CVSS score assumes that the 
software passes data received over a network directly to Outside 
In Technology, but if data is not received over a network the CVSS 
score may be lower. CVSS 3.1 Base Score 7.5 (Availability 
impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).








2021-10-20 





not yet 
calculated 





CVE-2021-35661 
MISC 
oracle -- hyperion


Vulnerability in the Hyperion Financial Reporting product of Oracle
Hyperion (component: Repository). The supported version that is
affected is 11.2.6.0. Easily exploitable vulnerability allows
unauthenticated attacker with network access via HTTP to
compromise Hyperion Financial Reporting. Successful attacks
require human interaction from a person other than the attacker
and while the vulnerability is in Hyperion Financial Reporting,
attacks may significantly impact additional products. Successful
attacks of this vulnerability can result in unauthorized update,
insert or delete access to some of Hyperion Financial Reporting
accessible data as well as unauthorized read access to a subset
of Hyperion Financial Reporting accessible data. CVSS 3.1 Base
Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).


2021-10-20


not yet
calculated


CVE-2021-35665
MISC


oracle -- java_se


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
product of Oracle Java SE (component: ImageIO). Supported
versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17;
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise Java SE,
Oracle GraalVM Enterprise Edition. Successful attacks of this
vulnerability can result in unauthorized ability to cause a partial
denial of service (partial DOS) of Java SE, Oracle GraalVM
Enterprise Edition. Note: This vulnerability applies to Java
deployments, typically in clients running sandboxed Java Web
Start applications or sandboxed Java applets, that load and run
untrusted code (e.g., code that comes from the internet) and rely
on the Java sandbox for security. This vulnerability can also be
exploited by using APIs in the specified Component, e.g., through
a web service which supplies data to the APIs. CVSS 3.1 Base
Score 5.3 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20


not yet
calculated


CVE-2021-35586
MISC
CONFIRM




oracle -- java_se


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
product of Oracle Java SE (component: Utility). Supported
versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17;
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise Java SE,
Oracle GraalVM Enterprise Edition. Successful attacks of this
vulnerability can result in unauthorized ability to cause a partial
denial of service (partial DOS) of Java SE, Oracle GraalVM
Enterprise Edition. Note: This vulnerability applies to Java
deployments, typically in clients running sandboxed Java Web
Start applications or sandboxed Java applets, that load and run
untrusted code (e.g., code that comes from the internet) and rely
on the Java sandbox for security. This vulnerability can also be
exploited by using APIs in the specified Component, e.g., through
a web service which supplies data to the APIs. CVSS 3.1 Base
Score 5.3 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20


not yet
calculated


CVE-2021-35561
MISC
CONFIRM




oracle -- java_se


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
product of Oracle Java SE (component: JSSE). Supported
versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle
GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable
vulnerability allows unauthenticated attacker with network access
via TLS to compromise Java SE, Oracle GraalVM Enterprise
Edition. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial
DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This
vulnerability can only be exploited by supplying data to APIs in the
specified Component without using Untrusted Java Web Start
applications or Untrusted Java applets, such as through a web
service. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20


not yet
calculated


CVE-2021-35578
MISC
CONFIRM
oracle -- java_se


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition 
product of Oracle Java SE (component: Hotspot). Supported 
versions that are affected are Java SE: 7u311, 8u301; Oracle 
GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit 
vulnerability allows unauthenticated attacker with network access 
via multiple protocols to compromise Java SE, Oracle GraalVM 
Enterprise Edition. Successful attacks require human interaction 
from a person other than the attacker. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a partial 
denial of service (partial DOS) of Java SE, Oracle GraalVM 
Enterprise Edition. Note: This vulnerability applies to Java 
deployments, typically in clients running sandboxed Java Web 
Start applications or sandboxed Java applets, that load and run 
untrusted code (e.g., code that comes from the internet) and rely 
on the Java sandbox for security. This vulnerability can also be 
exploited by using APIs in the specified Component, e.g., through 
a web service which supplies data to the APIs. CVSS 3.1 Base 
Score 3.1 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-35588 
MISC 
CONFIRM 








oracle -- java_se 


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition 
product of Oracle Java SE (component: JSSE). Supported 
versions that are affected are Java SE: 7u311, 8u301, 11.0.12; 
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via TLS to compromise Java SE, Oracle GraalVM 
Enterprise Edition. Successful attacks of this vulnerability can 
result in unauthorized ability to cause a partial denial of service 
(partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. 
Note: This vulnerability can only be exploited by supplying data to 
APIs in the specified Component without using Untrusted Java 
Web Start applications or Untrusted Java applets, such as through 
a web service. CVSS 3.1 Base Score 5.3 (Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20 


not yet 
calculated 


CVE-2021-35565 
MISC 
CONFIRM 








oracle -- java_se 


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition 
product of Oracle Java SE (component: Keytool). Supported 
versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; 
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via multiple protocols to compromise Java SE, 
Oracle GraalVM Enterprise Edition. Successful attacks of this 
vulnerability can result in unauthorized update, insert or delete 
access to some of Java SE, Oracle GraalVM Enterprise Edition 
accessible data. Note: This vulnerability applies to Java 
deployments, typically in clients running sandboxed Java Web 
Start applications or sandboxed Java applets, that load and run 
untrusted code (e.g., code that comes from the internet) and rely 
on the Java sandbox for security. This vulnerability can also be 
exploited by using APIs in the specified Component, e.g., through 
a web service which supplies data to the APIs. CVSS 3.1 Base 
Score 5.3 (Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).


2021-10-20 


not yet 
calculated 


CVE-2021-35564 
MISC 
CONFIRM 








oracle -- java_se 








Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition 
product of Oracle Java SE (component: JSSE). Supported 
versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; 
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to 
exploit vulnerability allows unauthenticated attacker with network 
access via TLS to compromise Java SE, Oracle GraalVM 
Enterprise Edition. Successful attacks of this vulnerability can 
result in unauthorized read access to a subset of Java SE, Oracle 
GraalVM Enterprise Edition accessible data. Note: This 
vulnerability applies to Java deployments, typically in clients 
running sandboxed Java Web Start applications or sandboxed 
Java applets, that load and run untrusted code (e.g., code that 
comes from the internet) and rely on the Java sandbox for 
security. This vulnerability can also be exploited by using APIs in 
the specified Component, e.g., through a web service which 
supplies data to the APIs. CVSS 3.1 Base Score 3.7 
(Confidentiality impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).








2021-10-20 





not yet 
calculated 





CVE-2021-35603 
MISC 
CONFIRM 
oracle -- java_se


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
product of Oracle Java SE (component: Libraries). Supported
versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle 
GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
Kerberos to compromise Java SE, Oracle GraalVM Enterprise 
Edition. Successful attacks require human interaction from a 
person other than the attacker and while the vulnerability is in 
Java SE, Oracle GraalVM Enterprise Edition, attacks may 
significantly impact additional products. Successful attacks of this 
vulnerability can result in unauthorized access to critical data or 
complete access to all Java SE, Oracle GraalVM Enterprise 
Edition accessible data. Note: This vulnerability applies to Java 
deployments, typically in clients running sandboxed Java Web 
Start applications or sandboxed Java applets, that load and run 
untrusted code (e.g., code that comes from the internet) and rely 
on the Java sandbox for security. This vulnerability can also be 
exploited by using APIs in the specified Component, e.g., through 
a web service which supplies data to the APIs. CVSS 3.1 Base 
Score 6.8 (Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N). 


2021-10-20 


not yet 
calculated 





CVE-2021-35567 
MISC 
CONFIRM 





oracle -- java_se 


Vulnerability in the Java SE product of Oracle Java SE 
(component: Deployment). The supported version that is affected 
is Java SE: 8u301. Difficult to exploit vulnerability allows 
unauthenticated attacker with network access via multiple 
protocols to compromise Java SE. Successful attacks require 
human interaction from a person other than the attacker. 
Successful attacks of this vulnerability can result in takeover of 
Java SE. Note: This vulnerability applies to Java deployments, 
typically in clients running sandboxed Java Web Start applications 
or sandboxed Java applets, that load and run untrusted code 
(e.g., code that comes from the internet) and rely on the Java 
sandbox for security. This vulnerability does not apply to Java 
deployments, typically in servers, that load and run only trusted 
code (e.g., code installed by an administrator). CVSS 3.1 Base 
Score 7.5 (Confidentiality, Integrity and Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35560 
MISC 
CONFIRM 








oracle -- java_se 


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition 
product of Oracle Java SE (component: Swing). Supported 
versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; 
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via multiple protocols to compromise Java SE, 
Oracle GraalVM Enterprise Edition. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a partial 
denial of service (partial DOS) of Java SE, Oracle GraalVM 
Enterprise Edition. Note: This vulnerability applies to Java 
deployments, typically in clients running sandboxed Java Web 
Start applications or sandboxed Java applets, that load and run 
untrusted code (e.g., code that comes from the internet) and rely 
on the Java sandbox for security. This vulnerability can also be 
exploited by using APIs in the specified Component, e.g., through 
a web service which supplies data to the APIs. CVSS 3.1 Base 
Score 5.3 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20 


not yet 
calculated 


CVE-2021-35559 
MISC 
CONFIRM 





oracle -- java_se 








Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
product of Oracle Java SE (component: JSSE). Supported
versions that are affected are Java SE: 7u311, 8u301, 11.0.12; 
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to 
exploit vulnerability allows unauthenticated attacker with network 
access via TLS to compromise Java SE, Oracle GraalVM 
Enterprise Edition. Successful attacks of this vulnerability can 
result in unauthorized access to critical data or complete access to 
all Java SE, Oracle GraalVM Enterprise Edition accessible data. 
Note: This vulnerability applies to Java deployments, typically in 
clients running sandboxed Java Web Start applications or 
sandboxed Java applets, that load and run untrusted code (e.g., 
code that comes from the internet) and rely on the Java sandbox 
for security. This vulnerability can also be exploited by using APIs 
in the specified Component, e.g., through a web service which 
supplies data to the APIs. CVSS 3.1 Base Score 5.9 
(Confidentiality impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).








2021-10-20 





not yet 
calculated 








CVE-2021-35550 
MISC 
CONFIRM 
oracle -- java_se


Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
product of Oracle Java SE (component: Swing). Supported
versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; 
Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via multiple protocols to compromise Java SE, 
Oracle GraalVM Enterprise Edition. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a partial 
denial of service (partial DOS) of Java SE, Oracle GraalVM 
Enterprise Edition. Note: This vulnerability applies to Java 
deployments, typically in clients running sandboxed Java Web 
Start applications or sandboxed Java applets, that load and run 
untrusted code (e.g., code that comes from the internet) and rely 
on the Java sandbox for security. This vulnerability does not apply 
to Java deployments, typically in servers, that load and run only 
trusted code (e.g., code installed by an administrator). CVSS 3.1 
Base Score 5.3 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).


2021-10-20 


not yet 
calculated 





CVE-2021-35556 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: Cluster: General). Supported versions that are 
affected are 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and 
prior. Difficult to exploit vulnerability allows high privileged attacker 
with access to the physical communication segment attached to 
the hardware where the MySQL Cluster executes to compromise 
MySQL Cluster. Successful attacks require human interaction 
from a person other than the attacker. Successful attacks of this 
vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 
Base Score 6.3 (Confidentiality, Integrity and Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35592 
MISC 

MISC 

CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: Cluster: ndbcluster/plugin DDL). Supported versions 
that are affected are 8.0.26 and prior. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
multiple protocols to compromise MySQL Cluster. Successful 
attacks of this vulnerability can result in unauthorized ability to 
cause a partial denial of service (partial DOS) of MySQL Cluster. 
CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-35584 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Windows). Supported versions that are 
affected are 8.0.25 and prior. Easily exploitable vulnerability allows 
unauthenticated attacker with network access via multiple 
protocols to compromise MySQL Server. Successful attacks of 
this vulnerability can result in unauthorized ability to cause a hang 
or frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35583 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server as 
well as unauthorized update, insert or delete access to some of 
MySQL Server accessible data. CVSS 3.1 Base Score 5.5 
(Integrity and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).


2021-10-20 


not yet 
calculated 


CVE-2021-35612 
MISC 
CONFIRM 








oracle -- mysql 








Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 











2021-10-20 


not yet 
calculated 








CVE-2021-35575 
MISC 
CONFIRM 
oracle -- mysql


Vulnerability in the MySQL Cluster product of Oracle MySQL
(component: Cluster: General). Supported versions that are
affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior
and 8.0.26 and prior. Difficult to exploit vulnerability allows high
privileged attacker with access to the physical communication
segment attached to the hardware where the MySQL Cluster
executes to compromise MySQL Cluster. Successful attacks
require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in takeover of
MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality,
Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).


2021-10-20 





not yet 
calculated 


CVE-2021-35593 
MISC 

MISC 

CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Error Handling). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35596 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Client product of Oracle MySQL 
(component: C API). Supported versions that are affected are 
8.0.26 and prior. Easily exploitable vulnerability allows low 
privileged attacker with network access via multiple protocols to 
compromise MySQL Client. Successful attacks of this vulnerability 
can result in unauthorized ability to cause a hang or frequently 
repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 
Base Score 6.5 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35597 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Group Replication Plugin). Supported 
versions that are affected are 8.0.26 and prior. Difficult to exploit 
vulnerability allows low privileged attacker with network access via 
multiple protocols to compromise MySQL Server. Successful 
attacks of this vulnerability can result in unauthorized ability to 
cause a hang or frequently repeatable crash (complete DOS) of 
MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35608 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: Cluster: General). Supported versions that are 
affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior 
and 8.0.26 and prior. Difficult to exploit vulnerability allows high 
privileged attacker with access to the physical communication 
segment attached to the hardware where the MySQL Cluster 
executes to compromise MySQL Cluster. Successful attacks 
require human interaction from a person other than the attacker. 
Successful attacks of this vulnerability can result in takeover of 
MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, 
Integrity and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35590 
MISC 

MISC 

CONFIRM 





oracle -- mysql 


Vulnerability in the MySQL Cluster product of Oracle MySQL
(component: Cluster: General). Supported versions that are
affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior
and 8.0.26 and prior. Difficult to exploit vulnerability allows high
privileged attacker with access to the physical communication
segment attached to the hardware where the MySQL Cluster
executes to compromise MySQL Cluster. Successful attacks
require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in takeover of
MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality,
Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).


2021-10-20 





not yet 
calculated 


CVE-2021-35594 
MISC 

MISC 

CONFIRM 








oracle -- mysql 








Vulnerability in the MySQL Server product of Oracle MySQL 
(component: InnoDB). Supported versions that are affected are 
5.7.35 and prior and 8.0.26 and prior. Easily exploitable 
vulnerability allows high privileged attacker with network access 
via multiple protocols to compromise MySQL Server. Successful 
attacks of this vulnerability can result in unauthorized ability to 
cause a hang or frequently repeatable crash (complete DOS) of 
MySQL Server as well as unauthorized update, insert or delete 
access to some of MySQL Server accessible data. CVSS 3.1 
Base Score 5.5 (Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).








2021-10-20 





not yet 
calculated 





CVE-2021-35604 
MISC 
CONFIRM 
oracle -- mysql


Vulnerability in the MySQL Cluster product of Oracle MySQL
(component: Cluster: General). Supported versions that are
affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior
and 8.0.26 and prior. Difficult to exploit vulnerability allows high
privileged attacker with access to the physical communication
segment attached to the hardware where the MySQL Cluster
executes to compromise MySQL Cluster. Successful attacks
require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in takeover of
MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality,
Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).


2021-10-20 





not yet 
calculated 


CVE-2021-35598 
MISC 

MISC 

CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
low privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server as 
well as unauthorized update, insert or delete access to some of 
MySQL Server accessible data. CVSS 3.1 Base Score 7.1 
(Integrity and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35610 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: DML). Supported versions that are affected 
are 8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35591 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: DML). Supported versions that are affected 
are 8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-2478 
MISC 
CONFIRM 








oracle -- mysql 


Vulnerability in the MySQL Connectors product of Oracle MySQL 
(component: Connector/J). Supported versions that are affected 
are 8.0.26 and prior. Difficult to exploit vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Connectors. Successful attacks of this 
vulnerability can result in unauthorized access to critical data or 
complete access to all MySQL Connectors accessible data and 
unauthorized ability to cause a hang or frequently repeatable 
crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base 
Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H). 


2021-10-20 


not yet
calculated


CVE-2021-2471 
MISC 








oracle -- mysql 


Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: Cluster: General). Supported versions that are 
affected are 8.0.26 and prior. Difficult to exploit vulnerability allows 
unauthenticated attacker with network access via multiple 
protocols to compromise MySQL Cluster. Successful attacks of 
this vulnerability can result in unauthorized ability to cause a 
partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 
Base Score 3.7 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-35613 
MISC 
CONFIRM 








oracle -- mysql 








Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Options). Supported versions that are 
affected are 8.0.26 and prior. Difficult to exploit vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server as 
well as unauthorized update, insert or delete access to some of 
MySQL Server accessible data. CVSS 3.1 Base Score 5.0 
(Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).








2021-10-20 


not yet 
calculated 








CVE-2021-35602 
MISC 
CONFIRM 





oracle -- mysql


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: DML). Supported versions that are affected
are 8.0.26 and prior. Easily exploitable vulnerability allows low 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35607 
MISC 
CONFIRM 





oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Replication). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35546 
MISC 
CONFIRM 





oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
low privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-2481 
MISC 
CONFIRM 





oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows
high privileged attacker with network access via MySQL Protocol to
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35577 
MISC 
CONFIRM 





oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: DML). Supported versions that are affected
are 8.0.25 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35537 
MISC 
CONFIRM 





oracle -- mysql 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: DML). Supported versions that are affected
are 8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-2479 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 





not yet 
calculated 


CVE-2021-35638 
MISC 
CONFIRM 





oracle -- mysql_server 








Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 











2021-10-20 





not yet 
calculated 





CVE-2021-35644 
MISC 
CONFIRM 
oracle -- mysql_server


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: PS). Supported versions that are affected are
8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 





CVE-2021-35637 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Data Dictionary). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with logon to the infrastructure where 
MySQL Server executes to compromise MySQL Server. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35632 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35634 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35642 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.25 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet
calculated


CVE-2021-35629 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35643 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: Cluster: General). Supported versions that are 
affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior 
and 8.0.26 and prior. Difficult to exploit vulnerability allows high 
privileged attacker with access to the physical communication 
segment attached to the hardware where the MySQL Cluster 
executes to compromise MySQL Cluster. Successful attacks 
require human interaction from a person other than the attacker. 
Successful attacks of this vulnerability can result in takeover of 
MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, 
Integrity and Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).


2021-10-20


not yet
calculated


CVE-2021-35621 
MISC 

MISC 

CONFIRM 





oracle -- mysql_server 








Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 











2021-10-20 


not yet 
calculated 











CVE-2021-35645 
MISC 
CONFIRM 
oracle -- mysql_server


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: GIS). Supported versions that are affected
are 8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35631 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35636 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Security: Encryption). Supported versions
that are affected are 8.0.26 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of
MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


2021-10-20


not yet
calculated


CVE-2021-35622
MISC
CONFIRM





oracle -- mysql_server


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Security: Roles). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized read access to a subset of 
MySQL Server accessible data. CVSS 3.1 Base Score 2.7 
(Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). 


2021-10-20 





not yet 
calculated 


CVE-2021-35623 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Security: Privileges). Supported versions that
are affected are 5.7.35 and prior and 8.0.26 and prior. Easily 
exploitable vulnerability allows high privileged attacker with 
network access via multiple protocols to compromise MySQL 
Server. Successful attacks of this vulnerability can result in 
unauthorized creation, deletion or modification access to critical 
data or all MySQL Server accessible data. CVSS 3.1 Base Score 
4.9 (Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35624 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Stored Procedure). Supported versions that 
are affected are 8.0.26 and prior. Easily exploitable vulnerability 
allows high privileged attacker with network access via multiple 
protocols to compromise MySQL Server. Successful attacks of 
this vulnerability can result in unauthorized ability to cause a hang 
or frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35639 
MISC 
CONFIRM 








oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Security: Privileges). Supported versions that 
are affected are 8.0.26 and prior. Easily exploitable vulnerability 
allows high privileged attacker with network access via multiple 
protocols to compromise MySQL Server. Successful attacks of 
this vulnerability can result in unauthorized read access to a 
subset of MySQL Server accessible data. CVSS 3.1 Base Score 
2.7 (Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35625 
MISC 
CONFIRM 








oracle -- mysql_server 








Vulnerability in the MySQL Server product of Oracle MySQL 
(component: Server: Optimizer). Supported versions that are 
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).








2021-10-20 





not yet 
calculated 





CVE-2021-35628 
MISC 
CONFIRM 
oracle -- mysql_server


Vulnerability in the MySQL Cluster product of Oracle MySQL
(component: Cluster: General). Supported versions that are
affected are 8.0.26 and prior. Difficult to exploit vulnerability allows 
high privileged attacker with access to the physical communication 
segment attached to the hardware where the MySQL Cluster 
executes to compromise MySQL Cluster. Successful attacks 
require human interaction from a person other than the attacker. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a partial denial of service (partial DOS) of MySQL 
Cluster. CVSS 3.1 Base Score 1.8 (Availability impacts). CVSS 
Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-35618 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35626 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35641 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Options). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized creation, deletion or 
modification access to critical data or all MySQL Server accessible 
data. CVSS 3.1 Base Score 4.9 (Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35630 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: DDL). Supported versions that are affected
are 8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized update, insert or delete 
access to some of MySQL Server accessible data. CVSS 3.1 
Base Score 2.7 (Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35640 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Logging). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a partial 
denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base 
Score 2.7 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). 


2021-10-20 


not yet 
calculated 


CVE-2021-35633 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 





not yet 
calculated 


CVE-2021-35635 
MISC 
CONFIRM 








oracle -- mysql_server 





Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).








2021-10-20 





not yet 
calculated 





CVE-2021-35646 
MISC 
CONFIRM 











https://content.govdelivery.com/accounts/USDHSCISA/bulletins/2f919b9


Vulnerability Summary for the Week of October 18, 2021





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35647 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: FTS). Supported versions that are affected
are 8.0.26 and prior. Easily exploitable vulnerability allows high 
privileged attacker with network access via multiple protocols to 
compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35648 
MISC 
CONFIRM 





oracle -- mysql_server 


Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are
affected are 8.0.26 and prior. Easily exploitable vulnerability allows 
high privileged attacker with network access via multiple protocols 
to compromise MySQL Server. Successful attacks of this 
vulnerability can result in unauthorized ability to cause a hang or 
frequently repeatable crash (complete DOS) of MySQL Server. 
CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35627 
MISC 
CONFIRM 





oracle -- peoplesoft 


Vulnerability in the PeopleSoft Enterprise CS Student Records
product of Oracle PeopleSoft (component: Class Search). The
supported version that is affected is 9.2. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise PeopleSoft Enterprise CS Student Records. 
Successful attacks require human interaction from a person other 
than the attacker and while the vulnerability is in PeopleSoft 
Enterprise CS Student Records, attacks may significantly impact 
additional products. Successful attacks of this vulnerability can 
result in unauthorized update, insert or delete access to some of 
PeopleSoft Enterprise CS Student Records accessible data as 
well as unauthorized read access to a subset of PeopleSoft 
Enterprise CS Student Records accessible data. CVSS 3.1 Base 
Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35553 
MISC 





oracle -- peoplesoft 


Vulnerability in the PeopleSoft Enterprise PeopleTools product of
Oracle PeopleSoft (component: Business Interlink). Supported
versions that are affected are 8.57, 8.58 and 8.59. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via HTTP to compromise PeopleSoft Enterprise 
PeopleTools. Successful attacks require human interaction from a 
person other than the attacker and while the vulnerability is in 
PeopleSoft Enterprise PeopleTools, attacks may significantly 
impact additional products. Successful attacks of this vulnerability 
can result in unauthorized update, insert or delete access to some 
of PeopleSoft Enterprise PeopleTools accessible data as well as 
unauthorized read access to a subset of PeopleSoft Enterprise 
PeopleTools accessible data. CVSS 3.1 Base Score 6.1 
(Confidentiality and Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 


2021-10-20 





not yet 
calculated 


CVE-2021-35595 
MISC 





oracle -- peoplesoft 








Vulnerability in the PeopleSoft Enterprise CS Campus Community
product of Oracle PeopleSoft (component: Notification
Framework). Supported versions that are affected are 9.0 and 9.2. 
Easily exploitable vulnerability allows low privileged attacker with 
access to the physical communication segment attached to the 
hardware where the PeopleSoft Enterprise CS Campus 
Community executes to compromise PeopleSoft Enterprise CS 
Campus Community. Successful attacks of this vulnerability can 
result in unauthorized access to critical data or complete access to 
all PeopleSoft Enterprise CS Campus Community accessible 
data. CVSS 3.1 Base Score 5.7 (Confidentiality impacts). CVSS
Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).








2021-10-20 





not yet 
calculated 





CVE-2021-35606 
MISC 


oracle -- peoplesoft


Vulnerability in the PeopleSoft Enterprise SCM product of Oracle
PeopleSoft (component: Supplier Portal). The supported version
that is affected is 9.2. Easily exploitable vulnerability allows low 
privileged attacker with network access via HTTP to compromise 
PeopleSoft Enterprise SCM. Successful attacks require human 
interaction from a person other than the attacker and while the 
vulnerability is in PeopleSoft Enterprise SCM, attacks may 
significantly impact additional products. Successful attacks of this 
vulnerability can result in unauthorized update, insert or delete 
access to some of PeopleSoft Enterprise SCM accessible data as 
well as unauthorized read access to a subset of PeopleSoft 
Enterprise SCM accessible data. CVSS 3.1 Base Score 5.4 
(Confidentiality and Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 


2021-10-20 


not yet 
calculated 





CVE-2021-35541 
MISC 








oracle -- peoplesoft 


Vulnerability in the PeopleSoft Enterprise CC Common Application 
Objects product of Oracle PeopleSoft (component: Activity Guide 
Composer). The supported version that is affected is 9.2. Easily 
exploitable vulnerability allows low privileged attacker with network 
access via HTTP to compromise PeopleSoft Enterprise CC 
Common Application Objects. Successful attacks of this 
vulnerability can result in unauthorized creation, deletion or 
modification access to critical data or all PeopleSoft Enterprise CC 
Common Application Objects accessible data as well as 
unauthorized access to critical data or complete access to all 
PeopleSoft Enterprise CC Common Application Objects 
accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and 
Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35543 
MISC 





oracle -- peoplesoft 


Vulnerability in the PeopleSoft Enterprise PeopleTools product of
Oracle PeopleSoft (component: SQR). Supported versions that
are affected are 8.57, 8.58 and 8.59. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise PeopleSoft Enterprise PeopleTools. 
Successful attacks of this vulnerability can result in unauthorized 
access to critical data or complete access to all PeopleSoft 
Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 
6.5 (Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 


2021-10-20 


not yet 
calculated 





CVE-2021-35609 
MISC 








oracle -- peoplesoft 


Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack 
product of Oracle PeopleSoft (component: Students 
Administration). Supported versions that are affected are 9.0 and 
9.2. Easily exploitable vulnerability allows low privileged attacker 
with access to the physical communication segment attached to 
the hardware where the PeopleSoft Enterprise CS SA Integration 
Pack executes to compromise PeopleSoft Enterprise CS SA 
Integration Pack. Successful attacks of this vulnerability can result 
in unauthorized access to critical data or complete access to all 
PeopleSoft Enterprise CS SA Integration Pack accessible data. 
CVSS 3.1 Base Score 5.7 (Confidentiality impacts). CVSS Vector: 
(CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35601 
MISC 





oracle -- peoplesoft 


Vulnerability in the PeopleSoft Enterprise CS Academic 
Advisement product of Oracle PeopleSoft (component: Advising 
Notes). The supported version that is affected is 9.2. Easily 
exploitable vulnerability allows low privileged attacker with network 
access via HTTP to compromise PeopleSoft Enterprise CS 
Academic Advisement. Successful attacks of this vulnerability can 
result in unauthorized update, insert or delete access to some of 
PeopleSoft Enterprise CS Academic Advisement accessible data 
as well as unauthorized read access to a subset of PeopleSoft 
Enterprise CS Academic Advisement accessible data. CVSS 3.1 
Base Score 5.4 (Confidentiality and Integrity impacts). CVSS 
Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 


2021-10-20 





not yet 
calculated 


CVE-2021-35571 
MISC 








oracle -- peoplesoft 











Vulnerability in the PeopleSoft Enterprise PeopleTools product of 
Oracle PeopleSoft (component: Rich Text Editor). Supported 
versions that are affected are 8.57, 8.58 and 8.59. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via HTTP to compromise PeopleSoft Enterprise 
PeopleTools. Successful attacks require human interaction from a 
person other than the attacker and while the vulnerability is in 
PeopleSoft Enterprise PeopleTools, attacks may significantly 
impact additional products. Successful attacks of this vulnerability 
can result in unauthorized update, insert or delete access to some 
of PeopleSoft Enterprise PeopleTools accessible data as well as 
unauthorized read access to a subset of PeopleSoft Enterprise 
PeopleTools accessible data. CVSS 3.1 Base Score 6.1 
(Confidentiality and Integrity impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).





2021-10-20 


not yet 
calculated 








CVE-2021-35568 
MISC 


oracle -- solaris


Vulnerability in the Oracle Solaris product of Oracle Systems
(component: Utility). The supported version that is affected is 11.
Easily exploitable vulnerability allows low privileged attacker with 
logon to the infrastructure where Oracle Solaris executes to 
compromise Oracle Solaris. Successful attacks require human 
interaction from a person other than the attacker. Successful 
attacks of this vulnerability can result in unauthorized update, 
insert or delete access to some of Oracle Solaris accessible data 
and unauthorized ability to cause a partial denial of service (partial 
DOS) of Oracle Solaris. CVSS 3.1 Base Score 3.9 (Integrity and 
Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L). 


2021-10-20 





not yet 
calculated 


CVE-2021-35549 
MISC 








oracle -- solaris 


Vulnerability in the Oracle Solaris product of Oracle Systems 
(component: Filesystem). The supported version that is affected is 
11. Easily exploitable vulnerability allows low privileged attacker 
with logon to the infrastructure where Oracle Solaris executes to 
compromise Oracle Solaris. While the vulnerability is in Oracle 
Solaris, attacks may significantly impact additional products. 
Successful attacks of this vulnerability can result in unauthorized 
ability to cause a hang or frequently repeatable crash (complete 
DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.5 (Availability 
impacts). CVSS Vector: 
(CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35539 
MISC 








oracle -- solaris 


Vulnerability in the Oracle Solaris product of Oracle Systems 
(component: Device drivers). The supported version that is 
affected is 11. Easily exploitable vulnerability allows high 
privileged attacker with logon to the infrastructure where Oracle 
Solaris executes to compromise Oracle Solaris. While the 
vulnerability is in Oracle Solaris, attacks may significantly impact 
additional products. Successful attacks of this vulnerability can 
result in unauthorized ability to cause a hang or frequently 
repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 
Base Score 6.0 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H). 


2021-10-20 


not yet 
calculated 


CVE-2021-35589 
MISC 








oracle -- supply_chain 


Vulnerability in the Oracle Transportation Management product of 
Oracle Supply Chain (component: Authentication). The supported 
version that is affected is 6.4.3. Easily exploitable vulnerability 
allows unauthenticated attacker with network access via HTTP to 
compromise Oracle Transportation Management. Successful 
attacks of this vulnerability can result in unauthorized read access 
to a subset of Oracle Transportation Management accessible 
data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS 
Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-2476 
MISC 








oracle -- supply_chain 


Vulnerability in the Oracle Transportation Management product of 
Oracle Supply Chain (component: UI Infrastructure). The 
supported version that is affected is 6.4.3. Easily exploitable 
vulnerability allows low privileged attacker with network access via 
HTTP to compromise Oracle Transportation Management. 
Successful attacks of this vulnerability can result in unauthorized 
update, insert or delete access to some of Oracle Transportation 
Management accessible data as well as unauthorized read access 
to a subset of Oracle Transportation Management accessible 
data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity 
impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 


2021-10-20 


not yet 
calculated 


CVE-2021-35616 
MISC 





oracle -- virtualization 








Vulnerability in the Oracle Secure Global Desktop product of
Oracle Virtualization (component: Server). The supported version
that is affected is 5.6. Easily exploitable vulnerability allows low 
privileged attacker with network access via multiple protocols to 
compromise Oracle Secure Global Desktop. Successful attacks of 
this vulnerability can result in unauthorized read access to a 
subset of Oracle Secure Global Desktop accessible data and 
unauthorized ability to cause a partial denial of service (partial 
DOS) of Oracle Secure Global Desktop. CVSS 3.1 Base Score 
5.4 (Confidentiality and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L).








2021-10-20 








not yet 
calculated 





CVE-2021-35649 
MISC 


oracle -- virtualization


Vulnerability in the Oracle Secure Global Desktop product of
Oracle Virtualization (component: Client). The supported version
that is affected is 5.6. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to
compromise Oracle Secure Global Desktop. Successful attacks
require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in unauthorized
read access to a subset of Oracle Secure Global Desktop
accessible data and unauthorized ability to cause a partial denial
of service (partial DOS) of Oracle Secure Global Desktop. CVSS
3.1 Base Score 4.6 (Confidentiality and Availability impacts).
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L).


2021-10-20


not yet
calculated


CVE-2021-35650
MISC


oracle -- vm_virtualbox


Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). The supported version that is
affected is Prior to 6.1.28. Easily exploitable vulnerability allows
high privileged attacker with logon to the infrastructure where
Oracle VM VirtualBox executes to compromise Oracle VM
VirtualBox. While the vulnerability is in Oracle VM VirtualBox,
attacks may significantly impact additional products. Successful
attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of
Oracle VM VirtualBox and unauthorized read access to a subset
of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score
6.7 (Confidentiality and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H).


2021-10-20


not yet
calculated


CVE-2021-35545
MISC


oracle -- vm_virtualbox


Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). The supported version that is
affected is Prior to 6.1.28. Easily exploitable vulnerability allows
high privileged attacker with logon to the infrastructure where
Oracle VM VirtualBox executes to compromise Oracle VM
VirtualBox. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base
Score 4.4 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


2021-10-20


not yet
calculated


CVE-2021-35542
MISC


oracle -- vm_virtualbox


Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). The supported version that is
affected is Prior to 6.1.28. Easily exploitable vulnerability allows
high privileged attacker with logon to the infrastructure where
Oracle VM VirtualBox executes to compromise Oracle VM
VirtualBox. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base
Score 4.4 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


2021-10-20


not yet
calculated


CVE-2021-2475
MISC


oracle -- vm_virtualbox


Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). The supported version that is
affected is Prior to 6.1.28. Easily exploitable vulnerability allows
low privileged attacker with logon to the infrastructure where
Oracle VM VirtualBox executes to compromise Oracle VM
VirtualBox. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base
Score 5.5 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).


2021-10-20


not yet
calculated


CVE-2021-35540
MISC


oracle -- vm_virtualbox


Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). The supported version that is
affected is Prior to 6.1.28. Easily exploitable vulnerability allows
low privileged attacker with logon to the infrastructure where
Oracle VM VirtualBox executes to compromise Oracle VM
VirtualBox. Successful attacks of this vulnerability can result in
takeover of Oracle VM VirtualBox. Note: This vulnerability does
not apply to Windows systems. CVSS 3.1 Base Score 7.8
(Confidentiality, Integrity and Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).


2021-10-20


not yet
calculated


CVE-2021-35538
MISC


oracle -- weblogic_server


Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion Middleware (component: Coherence Container).
Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0,
12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows
unauthenticated attacker with network access via IIOP to
compromise Oracle WebLogic Server. Successful attacks of this
vulnerability can result in takeover of Oracle WebLogic Server.
CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability
impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).


2021-10-20


not yet
calculated


CVE-2021-35617
MISC


oracle -- weblogic_server


Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion Middleware (component: Core). Supported versions that
are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 
14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated 
attacker with network access via T3 to compromise Oracle 
WebLogic Server. Successful attacks of this vulnerability can 
result in unauthorized ability to cause a hang or frequently 
repeatable crash (complete DOS) of Oracle WebLogic Server. 
CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 


2021-10-20 





not yet 
calculated 


CVE-2021-35620 
MISC 








oracle -- weblogic_server 


Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion Middleware (component: Diagnostics). Supported versions 
that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily 
exploitable vulnerability allows unauthenticated attacker with 
network access via HTTP to compromise Oracle WebLogic 
Server. Successful attacks of this vulnerability can result in 
unauthorized update, insert or delete access to some of Oracle 
WebLogic Server accessible data. CVSS 3.1 Base Score 5.3 
(Integrity impacts). CVSS Vector: 
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).


2021-10-20 


not yet 
calculated 


CVE-2021-35552 
MISC 





orion -- platform 


Each authenticated Orion Platform user in a MSP (Managed 
Service Provider) environment can view and browse all NetPath 
Services from all that MSP's customers. This can lead to any user 
having a limited insight into other customer's infrastructure and 
potential data cross-contamination. 


2021-10-21 





not yet 
calculated 


CVE-2021-35225 


MISC 
MISC 
MISC 





package -- x-assign 


This affects all versions of package x-assign. The global proto 
object can be polluted using the __proto__ object.


2021-10-20 


not yet 
calculated 


CVE-2021-23452 


MISC 
MISC 





passcovery_co_ltd -- zip_password_recovery


Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was
discovered to contain a buffer overflow via the decompress
function.


2021-10-22 


not yet 
calculated 


CVE-2020-28963 


MISC 





perfex -- cms 


Perfex CRM v2.4.4 was discovered to contain a stored cross-site
scripting (XSS) vulnerability in the component ./clients/client via
the company name parameter.


2021-10-22


not yet
calculated


CVE-2020-28961
MISC


php -- simple_payroll_system


The Simple Payroll System with Dynamic Tax Bracket in PHP
using SQLite Free Source Code (by: oretnom23 ) is vulnerable
from remote SQL-Injection-Bypass-Authentication for the admin
account. The parameter (username) from the login form is not
protected correctly and there is no security and escaping from
malicious payloads.


2021-10-22


not yet
calculated


CVE-2021-42169
MISC


phpgurukul -- user_registration_and_user_management_system


Phpgurukul User Registration & User Management System v2.0
was discovered to contain multiple stored cross-site scripting
(XSS) vulnerabilities via the firstname and lastname parameters of
the registration form & loginsystem input fields.


2021-10-22


not yet
calculated


CVE-2020-23051
MISC





portable_ltd -- playable 


Portable Ltd Playable v9.18 contains a code injection vulnerability
in the filename parameter, which allows attackers to execute
arbitrary web scripts or HTML via a crafted POST request.


2021-10-22 


CVE-2020-23037 
MISC 


not yet 
calculated 





portable_ltd -- playable


Portable Ltd Playable v9.18 was discovered to contain an arbitrary
file upload vulnerability in the filename parameter of the upload
module. This vulnerability allows attackers to execute arbitrary
code via a crafted JPEG file.


2021-10-22


not yet
calculated


CVE-2020-36485
MISC


qutebrowser -- qutebrowser


qutebrowser is an open source keyboard-focused browser with a
minimal GUI. Starting with qutebrowser v1.7.0, the Windows
installer for qutebrowser registers a `qutebrowserurl:` URL
handler. With certain applications, opening a specially crafted
`qutebrowserurl:...` URL can lead to execution of qutebrowser
commands, which in turn allows arbitrary code execution via
commands such as `:spawn` or `:debug-pyeval`. Only Windows
installs where qutebrowser is registered as URL handler are
affected. The issue has been fixed in qutebrowser v2.4.0. The fix
also adds additional hardening for potential similar issues on Linux
(by adding the new --untrusted-args flag to the .desktop file),
though no such vulnerabilities are known.


2021-10-24


not yet
calculated


CVE-2021-41146
CONFIRM
MISC




rabbitmq -- plugin 











The HTTP interface was enabled for RabbitMQ Plugin in ARM 
2020.2.6 and the ability to configure HTTPS was not available. 








2021-10-21 


not yet 
calculated 








CVE-2021-35227 


MISC 





MISC 


rasa -- rasa


Rasa is an open source machine learning framework to automate
text- and voice-based conversations. In affected versions a
vulnerability exists in the functionality that loads a trained model
`tar.gz` file which allows a malicious actor to craft a `model.tar.gz`
file which can overwrite or replace bot files in the bot directory.
The vulnerability is fixed in Rasa 2.8.10. For users unable to
update ensure that users do not upload untrusted model files, and
restrict CLI or API endpoint access where a malicious actor could
target a deployed Rasa instance.


2021-10-21


not yet
calculated


CVE-2021-41127
CONFIRM
MISC


rasa_x -- rasa_x


Rasa X before 0.42.4 allows Directory Traversal during archive
extraction. In the functionality that allows a user to load a trained
model archive, an attacker has arbitrary write capability within
specific directories via a crafted archive file.


2021-10-22


not yet
calculated


CONFIRM


revisor -- video_management_system


Revisor Video Management System (VMS) before 2.0.0 has a
directory traversal vulnerability. Successful exploitation could allow
an attacker to traverse the file system to access files or directories
that are outside of restricted directory on the remote server. This
could lead to the disclosure of sensitive data on the vulnerable
server.


2021-10-19


not yet
calculated


CVE-2021-42261
MISC
MISC





seedms -- 
content_management_system 


SeedDMS Content Management System v6.0.7 contains a 
persistent cross-site scripting (XSS) vulnerability in the component 
AddEvent.php via the name and comment parameters.


2021-10-22 


CVE-2020-23048 
MISC 


not yet 
calculated 





shell-quote -- shell-quote 


The shell-quote package before 1.7.3 for Node.js allows command
injection. An attacker can inject unescaped shell metacharacters
through a regex designed to support Windows drive letters. If the
output of this package is passed to a real shell as a quoted
argument to a command with exec(), an attacker can inject
arbitrary commands. This is because the Windows drive letter
regex character class is [A-z] instead of the correct [A-Za-z].
Several shell metacharacters exist in the space between capital
letter Z and lower case letter a, such as the backtick character.


2021-10-21 





not yet 
calculated 


CVE-2021-42740 
CONFIRM 

MISC 

CONFIRM 





showdoc -- showdoc 


ShowDoc 2.8.3 has a file upload vulnerability, where attackers
can use the vulnerability to obtain server permissions. 


2021-10-22 


not yet 
calculated 


CVE-2021-41745 


MISC 
MISC 





sky_file -- ftp_server 


An issue in the FTP server of Sky File v2.1.0 allows attackers to
perform directory traversal via `/null/` path commands.


2021-10-22


not yet
calculated


CVE-2020-36488
MISC


Sky File v2.1.0 contains a directory traversal vulnerability in the
FTP server which allows attackers to access sensitive data and
files via 'null' path commands.


2021-10-22


not yet
calculated


CVE-2020-25040
MISC


snapdragon -- auto


Improper handling of sensor HAL structure in absence of sensor
can lead to use after free in Snapdragon Auto


2021-10-20


not yet
calculated


CVE-2021-30315
CONFIRM





snapdragon -- multiple_products


Improper validation of kernel buffer address while copying
information back to user buffer can lead to kernel memory
information exposure to user space in Snapdragon Auto,
Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon
Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,
Snapdragon Wearables


2021-10-20


not yet
calculated


CVE-2021-1969
CONFIRM


snapdragon -- multiple_products


Possible memory corruption due to lack of bound check of input
index in Snapdragon Auto, Snapdragon Compute, Snapdragon
Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial
IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &
Music, Snapdragon Wearables


2021-10-20


snapdragon -- multiple_products


Possible buffer over read due to lack of data length check in QVR
Service configuration in Snapdragon Auto, Snapdragon Compute,
Snapdragon Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Wearables


2021-10-20


not yet
calculated


CVE-2021-1985
CONFIRM


snapdragon -- multiple_products


Possible stack buffer overflow due to lack of check on the
maximum number of post NAN discovery attributes while
processing a NAN Match event in Snapdragon Auto, Snapdragon
Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Voice & Music, Snapdragon Wearables


2021-10-20


not yet
calculated


CVE-2021-1967
CONFIRM


snapdragon -- multiple_products


Possible buffer overflow due to lack of length check of source and
destination buffer before copying in Snapdragon Auto,
Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon
Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music


2021-10-20


not yet
calculated


CVE-2021-1966
CONFIRM





snapdragon -- multiple_products











Possible buffer over read due to lack of length check while parsing
beacon IE response in Snapdragon Auto, Snapdragon Compute,
Snapdragon Connectivity, Snapdragon Consumer Electronics 
Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial 
IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon 
Wired Infrastructure and Networking 








2021-10-20 





not yet 
calculated 











CVE-2021-1980 
CONFIRM 


Null pointer dereference can occur due to lack of null check for
user provided input in Snapdragon Auto, Snapdragon Compute,
Snapdragon Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Wearables


snapdragon -- multiple_products


Possible out of bound memory access due to improper boundary
check while creating HSYNC fence in Snapdragon Auto,
Snapdragon Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Wearables


2021-10-20


Possible buffer out of bound read can occur due to improper
validation of TBTT count and length while parsing the beacon
response in Snapdragon Compute, Snapdragon Connectivity,
Snapdragon Consumer Electronics Connectivity


2021-10-20


not yet
calculated


CVE-2021-30304
CONFIRM


Improper authentication of sub-frames of a multicast AMSDU
frame can lead to information disclosure in Snapdragon Auto,
Snapdragon Compute, Snapdragon Connectivity, Snapdragon
Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,
Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon
Wired Infrastructure and Networking


2021-10-20


not yet
calculated


CVE-2021-30312
CONFIRM


snapdragon -- multiple_products


Possible stack overflow due to improper length check of TLV while
copying the TLV to a local stack variable in Snapdragon Auto,
Snapdragon Compute, Snapdragon Connectivity, Snapdragon
Consumer Electronics Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,
Snapdragon Voice & Music, Snapdragon Wired Infrastructure and
Networking


2021-10-20


snapdragon -- multiple_products


Improper access control in trusted application environment can
cause unauthorized access to CDSP or ADSP VM memory with
either privilege in Snapdragon Auto, Snapdragon Compute,
Snapdragon Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Wired Infrastructure and Networking


snapdragon -- multiple_products


Null pointer dereference can occur due to memory allocation
failure in DIAG in Snapdragon Auto, Snapdragon Compute,
Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon
Wearables


Possible integer overflow due to improper length check while
updating grace period and count record in Snapdragon Auto,
Snapdragon Compute, Snapdragon Connectivity, Snapdragon
Industrial IOT, Snapdragon Mobile, Snapdragon Wired
Infrastructure and Networking


2021-10-20


snapdragon -- multiple_products


Possible buffer overflow due to improper validation of received
CF-ACK and CF-Poll data frames in Snapdragon Auto,
Snapdragon Connectivity, Snapdragon Consumer Electronics
Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial
IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &
Music


Possible buffer over read due to improper buffer allocation for file
length passed from user space in Snapdragon Auto, Snapdragon
Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile


2021-10-20


Improper validation of kernel buffer address while copying 
information back to user buffer can lead to kernel memory 


not yet ||CVE-2021-1936 


2021-10-20 || calculated CONFIRM 


snapdragon -- multiple _products 








not yet ||CVE-2021-30316 
calculated ||CONFIRM 








snapdragon -- multiple_ products 








snapdragon -- multiple_ products 








not yet |CVE-2021-30288 
calculated ||CONFIRM 








not yet |CVE-2021-1932 


2021-10-20 || calculated |CONFIRM 








not yet |CVE-2021-1917 


2021-10-20 || calculated |CONFIRM 








snapdragon -- multiple_ products not yet |CVE-2021-1913 


calculated ||CONFIRM 








not yet ||CVE-2021-30310 


2021-10-20 || calculated |CONFIRM 





not yet ||CVE-2021-30306 
calculated ||CONFIRM 


snapdragon -- multiple_ products 


i 














snapdragon -- multiple_ products information exposure to user space in Snapdragon Auto, 2021-10-20 not yet |CVE-2021-1968 
Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon calculated |CONFIRM 
Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, 
Snapdragon Wearables 
snapdragon -- multiple_products | Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | 2021-10-20 | not yet calculated | CVE-2021-30256 CONFIRM


snapdragon -- multiple_products | Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music | 2021-10-20 | not yet calculated | CVE-2021-1977 CONFIRM
snapdragon -- multiple_products | Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 2021-10-20
snapdragon -- multiple_products | Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 2021-10-20
snapdragon -- multiple_products | Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | 2021-10-20 | not yet calculated | CVE-2021-30302 CONFIRM
snapdragon -- multiple_products | Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 2021-10-20
snapdragon -- multiple_products | Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 2021-10-20 | not yet calculated | CVE-2021-30292 CONFIRM
snapdragon -- multiple_products | Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 2021-10-20 | not yet calculated | CVE-2021-30291 CONFIRM
snapdragon -- multiple_products | Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | 2021-10-20
snapdragon -- multiple_products | Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 2021-10-20 | not yet calculated | CVE-2021-30258 CONFIRM





snapdragon -- multiple_products | Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 2021-10-20 | not yet calculated | CVE-2020-11303 CONFIRM








snapdragon -- multiple_products | Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | 2021-10-20 | not yet calculated | CVE-2021-30257 CONFIRM





snapdragon -- multiple_products | Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 2021-10-20 | not yet calculated | CVE-2021-1983 CONFIRM





snapdragon -- qnap_devices | A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later | 2021-10-22 | not yet calculated | CVE-2021-34362 MISC





solarwinds -- database_performance_analyzer | This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remote victim. | 2021-10-21 | not yet calculated | CVE-2021-35228 MISC MISC





stb -- stb_image | An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files. | 2021-10-21 | not yet calculated | CVE-2021-42715 MISC MISC
stb -- stb_image | An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. | 2021-10-21 | not yet calculated | MISC MISC
sugarcrm -- sugarcrm | Multiple cross-site scripting (XSS) vulnerabilities in the Support module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields. | 2021-10-22 | not yet calculated | CVE-2020-36501 MISC
sugarcrm -- sugarcrm | Multiple cross-site scripting (XSS) vulnerabilities in the Sales module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields. | 2021-10-22 | not yet calculated | CVE-2020-28956 MISC
sugarcrm -- sugarcrm | SugarCRM v6.5.18 was discovered to contain a cross-site scripting (XSS) vulnerability in the Create Employee module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the First Name or Last Name input fields. | 2021-10-22 | not yet calculated
suitecrm -- suitecrm | SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were blocked. NOTE: this issue exists because of an incomplete fix for CVE-2020-28328. | 2021-10-22 | not yet calculated | MISC MISC MISC
sulu -- sulu | Sulu is an open-source PHP content management system based on the Symfony framework. In versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade. | 2021-10-21 | not yet calculated | CVE-2021-41169 CONFIRM MISC
sundown -- sundown | Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown `[reference_name]: https://www.example.com` are inserted into a hash table which was found to have a weak hash function, meaning that an attacker can reliably generate a large number of collisions for it. This makes the hash table vulnerable to a hash-collision DoS attack, a type of algorithmic complexity attack. Further the hash table allowed for duplicate entries resulting in long retrieval times. Proofs of concept and further discussion of the hash collision issue are discussed on the snudown GHSA (https://github.com/reddit/snudown/security/advisories/GHSA-6gvv-9q92-w5f6). Users are advised to update to version 1.7.0. | 2021-10-21 | not yet calculated | CVE-2021-41168 CONFIRM MISC
swift -- file_transfer_mobile | Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling. | 2021-10-22 | not yet calculated
swift -- file_transfer_mobile | Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables. | 2021-10-22 | not yet calculated | CVE-2020-23038 MISC
swift -- file_transfer_mobile | Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself. | 2021-10-22 | not yet calculated | CVE-2020-36502 MISC
synchronet -- bbs | An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS, which may allow attackers to view sensitive information due to an uninitialized value. | 2021-10-19 | not yet calculated | MISC MISC
tao -- open_source_assessment_platform | TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting (XSS) vulnerability in the content parameter of the Rubric Block (Add) module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rubric name value. | 2021-10-22
tao -- open_source_assessment_platform | TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code. | 2021-10-22





tough -- tough | Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known. | 2021-10-19 | not yet calculated | CVE-2021-41150 CONFIRM MISC MISC
tough -- tough | Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known. | 2021-10-19 | not yet calculated | CVE-2021-41149 CONFIRM MISC





tran_tu -- air_sender | Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted file. | 2021-10-22 | not yet calculated | CVE-2020-23043
trane -- building_automation_controllers | The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure. | 2021-10-22 | not yet calculated | CVE-2021-42542 CONFIRM
trane -- building_automation_controllers | The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality. | 2021-10-22
trane -- building_automation_controllers | The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. | 2021-10-22
trane -- building_automation_controllers | The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input. | 2021-10-22 | not yet calculated | CONFIRM
trane -- building_automation_controllers | The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables. | 2021-10-22 | not yet calculated | CONFIRM
trane -- building_automation_controllers | The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms. | 2021-10-22 | | 42534
trend_micro -- apex_one_and_worry-free_business_security | A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations. | 2021-10-21 | not yet calculated | CVE-2021-23139 MISC MISC
trend_mirco -- apex_one | An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2021-10-24 | not yet calculated | CVE-2021-42011 MISC MISC
trend_mirco -- apex_one | Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2021-10-21 | not yet calculated | CVE-2021-42102 MISC MISC
trend_mirco -- apex_one | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107. | 2021-10-21 | not yet calculated | CVE-2021-42104 MISC MISC MISC
trend_mirco -- apex_one | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107. | 2021-10-21 | not yet calculated | CVE-2021-42106 MISC MISC MISC
trend_mirco -- apex_one | Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2021-10-21 | not yet calculated | CVE-2021-42108 MISC MISC MISC
trend_mirco -- apex_one | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106. | 2021-10-21 | not yet calculated | CVE-2021-42107 MISC MISC MISC
trend_mirco -- apex_one | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107. | 2021-10-21 | not yet calculated | CVE-2021-42105 MISC MISC MISC
trend_mirco -- apex_one | A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2021-10-21 | not yet calculated | CVE-2021-42012 MISC MISC MISC
trend_mirco -- apex_one | An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103. | 2021-10-21 | not yet calculated | CVE-2021-42101 MISC MISC
trend_mirco -- apex_one | An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101. | 2021-10-21 | not yet calculated | CVE-2021-42103 MISC MISC








ufida -- plm | All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product life, and the collaborative creation, distribution, application and management of product information across organizations. Yonyou PLM uses jboss by default, and you can access the management control background without authorization. An attacker can use this vulnerability to gain server permissions. | 2021-10-22 | not yet calculated | CVE-2021-41744 MISC








vmware -- vrealize | Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability. | 2021-10-21 | not yet calculated | CVE-2021-22034 MISC





webkitgtk -- bubblewraplauncher | BubblewrapLauncher.cpp in WebKitGTK and WPE Webkit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. | 2021-10-20 | not yet calculated | CVE-2021-42762
wordpress -- wordpress | The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution. | 2021-10-21 | not yet calculated | CVE-2021-39352 MISC MISC MISC
wordpress -- wordpress | The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echo'd out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-21 | not yet calculated | CVE-2021-39328 MISC MISC MISC
wordpress -- wordpress | Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to deserialization of unvalidated user supplied inputs via the import_config function found in the ~/admin/class-sassy-social-share-admin.php file. This can be exploited by underprivileged authenticated users due to a missing capability check on the import_config function. | | not yet calculated | CVE-2021-39321 MISC MISC MISC
wordpress -- wordpress | The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters found in the ~/includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2. | 2021-10-21 | not yet calculated | CVE-2021-39354 MISC MISC MISC





wordpress -- wordpress | Reflected Cross-Site Scripting (XSS) vulnerability in WordPress Ivory Search plugin (versions <= 4.6.6). Vulnerable parameter: &post. | 2021-10-21 | not yet calculated | CVE-2021-36869 CONFIRM MISC





wordpress -- wordpress | The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echo'd out via the ~/templates/settings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-21 | not yet calculated | CVE-2021-39356 MISC MISC MISC
wordpress -- wordpress | The Leaky Paywall WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the ~/class.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.16.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 2021-10-21 | not yet calculated | MISC MISC
wordpress -- wordpress | The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is separate from CVE-2021-24702. | 2021-10-21 | not yet calculated | MISC MISC
| WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's details in the mst_servers page, for a crafted server_host, server_name, or connection_parameter parameter. | 2021-10-21 | not yet calculated | CVE-2021-28975 MISC MISC
zephyr -- zephyr | Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3 | 2021-10-19 | not yet calculated
zephyr -- zephyr | Disconnecting L2CAP channel right after invalid ATT request leads freeze. Zephyr versions >= 2.4.0, >= 2.5.0 contain Use After Free (CWE-416). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7g38-3x9v-v7vp | 2021-10-19 | not yet calculated
zoho_manageengine -- applications_manager | An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200. | 2021-10-21 | not yet calculated | CVE-2021-35512 MISC MISC MISC





zte -- mf971r_product | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | 2021-10-20 | not yet calculated | CVE-2021-21748 MISC
zte -- mf971r_product | ZTE MF971R product has a configuration file control vulnerability. An attacker could use this vulnerability to modify the configuration parameters of the device, causing some security functions of the device to be disabled. | 2021-10-20 | not yet calculated | CVE-2021-21744 MISC
zte -- mf971r_product | ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request. | 2021-10-20 | not yet calculated | CVE-2021-21743 MISC
zte -- mf971r_product | ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attacker could use this vulnerability to perform illegal authorization operations by sending a request to the user to click. | 2021-10-20 | not yet calculated | CVE-2021-21745 MISC
zte -- mf971r_product | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | 2021-10-20 | not yet calculated | CVE-2021-21749 MISC
zte -- mf971r_product | ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. | 2021-10-20 | not yet calculated | CVE-2021-21747 MISC
zte -- mf971r_product | ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. | 2021-10-20 | not yet calculated | CVE-2021-21746 MISC